On Mon, Oct 31, 2016 at 08:32:30PM +0800, Xin Long wrote: > There are several places where it holds assoc after getting transport by > searching from transport rhashtable, it may cause use-after-free issue. > > This patchset is to fix them by holding transport instead. > > v1->v2: > Fix the changelog of patch 2/3 > > Xin Long (3): > sctp: hold transport instead of assoc in sctp_diag > sctp: return back transport in __sctp_rcv_init_lookup > sctp: hold transport instead of assoc when lookup assoc in rx path > > include/net/sctp/sctp.h | 2 +- > net/sctp/input.c | 35 +++++++++++++++++------------------ > net/sctp/ipv6.c | 2 +- > net/sctp/socket.c | 5 +---- > 4 files changed, 20 insertions(+), 24 deletions(-) > > -- > 2.1.0 > > series Acked-by: Neil Horman <nhorman@xxxxxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-sctp" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
