[PATCH 5/5] c/r: Add AF_UNIX support (v7)

Serge E. Hallyn serue at us.ibm.com
Tue Aug 4 12:57:02 PDT 2009


Quoting Dan Smith (danms at us.ibm.com):
> +static int sock_unix_checkpoint(struct ckpt_ctx *ctx,
> +			        struct socket *socket,
> +			        struct ckpt_hdr_socket *h)
> +{
> +	struct unix_sock *sk = unix_sk(socket->sk);
> +	struct unix_sock *pr = unix_sk(sk->peer);
> +	struct ckpt_hdr_socket_unix *un;
> +	int new;
> +	int ret = -ENOMEM;
> +
> +	if ((socket->sk->sk_state == TCP_LISTEN) &&
> +	    !skb_queue_empty(&socket->sk->sk_receive_queue)) {
> +		ckpt_write_err(ctx, "listening socket has unaccepted peers");
> +		return -EBUSY;
> +	}
> +
> +	un = ckpt_hdr_get_type(ctx, sizeof(*un), CKPT_HDR_SOCKET_UNIX);
> +	if (!un)
> +		goto out;

...

> + out:
> +	ckpt_hdr_put(ctx, un);

This will cause a null deref trying to get ptr->len in ckpt_hdr_put().

-serge


More information about the Containers mailing list