|
Horms wrote:
Hi,
the following patch was sent to me by Kurosawa-san which resolves a
minor bug in ip_vs_ctl.c. The bug is that if an error state is reached
in do_ip_vs_get_ctl(), then the function returns imediately, leaving the
__ip_vs_mutex down.
Indeed, this looks fishy to me too. Maybe noone stress tested it from
the user space so the faulty code control path never got called.
The patch resolves this by making sure that the up() call at the bottom
of do_ip_vs_get_ctl() is always reached.
This is almost the same for ipvs-1.1.0. I wonder however, why some of
the calls do get back and call up(&__ip_vs_mutex) and some don't. It's a
very strange mix.
Let's see what Wensong thinks about it. What about adding the CMD length
check of the IP_VS_SO_GET_VERSION at the beginning too in ipvs-1.0.6?
It would look nicer :)
if (*len < get_arglen[GET_CMDID(cmd)]) {
IP_VS_ERR("get_ctl: len %u < %u\n",
*len, get_arglen[GET_CMDID(cmd)]);
return -EINVAL;
}
Best regards,
Roberto Nibali, ratz
--
echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc
|
