Page MenuHomeFreeBSD
Differential D31886

sctp: Clear assoc socket references when freeing a PCB
ClosedPublic
Actions

Authored by markj on Sep 8 2021, 9:32 PM.
Tags
None
Referenced Files
F115273426: D31886.diff
Tue, Apr 22, 2:55 AM
Unknown Object (File)
Fri, Apr 11, 1:04 PM
Unknown Object (File)
Wed, Apr 2, 4:54 AM
Unknown Object (File)
Mar 6 2025, 12:42 PM
Unknown Object (File)
Mar 1 2025, 8:48 PM
Unknown Object (File)
Jan 30 2025, 8:07 AM
Unknown Object (File)
Jan 28 2025, 9:57 PM
Unknown Object (File)
Jan 24 2025, 1:23 AM
View All 52 Files
Subscribers
imp
melifaro

Details

Reviewers
tuexen
Group Reviewers
transport
Commits
rG4250aa1188b5: sctp: Clear assoc socket references when freeing a PCB
Summary

This restores behaviour present in the first import of SCTP. Commit
ceaad40ae729dea2c5d8ffcfdd45bb96fb8969d2 commented this out and commit
62fb761ff28bb184a2543e539dd689fefd5d3246 removed it. However, once
sctp_inpcb_free() returns, the socket reference is gone no matter what,
so we need to clear it. In particular, it's possible for
sctp_free_assoc() to set SCTP_STATE_ABOUT_TO_BE_FREED and then return
without actually freeing the association.

Reported by: syzbot+30dd69297fcbc5f0e10a@syzkaller.appspotmail.com

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Revision Contents
Changeset List

PathSize
sys/
netinet/
1 line

Diff 94914

View Options

sys/netinet/sctp_pcb.c

Loading...