Re: [Patch net] tipc: use the right skb in tipc_sk_fill_sock_diag()

David Miller Sun, 08 Apr 2018 09:35:36 -0700

From: Cong Wang <xiyou.wangc...@gmail.com>
Date: Fri,  6 Apr 2018 18:54:52 -0700


> Commit 4b2e6877b879 ("tipc: Fix namespace violation in 
> tipc_sk_fill_sock_diag")
> tried to fix the crash but failed, the crash is still 100% reproducible
> with it.
> 
> In tipc_sk_fill_sock_diag(), skb is the diag dump we are filling, it is not
> correct to retrieve its NETLINK_CB(), instead, like other protocol diag,
> we should use NETLINK_CB(cb->skb).sk here.
> 
> Reported-by: <syzbot+326e587eff1074657...@syzkaller.appspotmail.com>
> Fixes: 4b2e6877b879 ("tipc: Fix namespace violation in 
> tipc_sk_fill_sock_diag")
> Fixes: c30b70deb5f4 (tipc: implement socket diagnostics for AF_TIPC)
> Cc: GhantaKrishnamurthy MohanKrishna 
> <mohan.krishna.ghanta.krishnamur...@ericsson.com>
> Cc: Jon Maloy <jon.ma...@ericsson.com>
> Cc: Ying Xue <ying....@windriver.com>
> Signed-off-by: Cong Wang <xiyou.wangc...@gmail.com>

Applied, thank you.

Re: [Patch net] tipc: use the right skb in tipc_sk_fill_sock_diag()

Reply via email to