[Bridge] [PATCH v2] bridge: Fix crash with vlan filtering and tcpdump
David Miller
davem at davemloft.net
Fri Mar 28 21:14:17 UTC 2014
From: Vlad Yasevich <vyasevic at redhat.com>
Date: Thu, 27 Mar 2014 21:51:18 -0400
> When the vlan filtering is enabled on the bridge, but
> the filter is not configured on the bridge device itself,
> running tcpdump on the bridge device will result in a
> an Oops with NULL pointer dereference. The reason
> is that br_pass_frame_up() will bypass the vlan
> check because promisc flag is set. It will then try
> to get the table pointer and process the packet based
> on the table. Since the table pointer is NULL, we oops.
> Catch this special condition in br_handle_vlan().
>
> Reported-by: Toshiaki Makita <makita.toshiaki at lab.ntt.co.jp>
> CC: Toshiaki Makita <makita.toshiaki at lab.ntt.co.jp>
> Signed-off-by: Vlad Yasevich <vyasevic at redhat.com>
> ---
>
> * Changed to use kfree_skb() instead of kfree_skb_list() to
> match the reset of bridge code.
> * Fix-up {} style.
Applied, thanks.
More information about the Bridge
mailing list