From 84b885f51c95aebb427ef0ba19c379d616762a56 Mon Sep 17 00:00:00 2001 From: Marek Lindner Date: Mon, 17 Oct 2011 12:16:11 +0000 Subject: [PATCH] batman-adv: add critical bug fix Signed-off-by: Marek Lindner git-svn-id: svn://svn.openwrt.org/openwrt/packages/net/batman-adv@28472 3c298f89-4303-0410-b956-a3cf2f4a3e73 --- ...dv_fix_tt_local_reset_flags_function.patch | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 patches/batman-adv_fix_tt_local_reset_flags_function.patch diff --git a/patches/batman-adv_fix_tt_local_reset_flags_function.patch b/patches/batman-adv_fix_tt_local_reset_flags_function.patch new file mode 100644 index 0000000..3d0d51e --- /dev/null +++ b/patches/batman-adv_fix_tt_local_reset_flags_function.patch @@ -0,0 +1,31 @@ +From: Antonio Quartulli + +Currently the counter of tt_local_entry structures (tt_local_num) is incremented +each time the tt_local_reset_flags() is invoked causing the node to send wrong +TT_REPONSE packets containing a copy of non-initialised memory thus corrupting +other nodes global translation table and making higher level communication +impossible. + +Reported-by: Junkeun Song +Signed-off-by: Antonio Quartulli +Acked-by: Junkeun Song +--- + translation-table.c | 2 ++ + 1 files changed, 2 insertions(+), 0 deletions(-) + +diff --git a/translation-table.c b/translation-table.c +index 2d2cfc1..d4a3917 100644 +--- a/translation-table.c ++++ b/translation-table.c +@@ -1727,6 +1727,8 @@ static void tt_local_reset_flags(struct bat_priv *bat_priv, uint16_t flags) + rcu_read_lock(); + hlist_for_each_entry_rcu(tt_local_entry, node, + head, hash_entry) { ++ if (!(tt_local_entry->flags & flags)) ++ continue; + tt_local_entry->flags &= ~flags; + atomic_inc(&bat_priv->num_local_tt); + } +-- +1.7.3.4 + -- 2.30.2