From: Neil Horman <nhorman@redhat.com>
Date: Thu, 27 Mar 2008 10:39:22 -0400
Subject: [net] ipv6: check ptr in ip6_flush_pending_frames
Message-id: 20080327143922.GA29675@hmsendeavour.rdu.redhat.com
O-Subject: [RHEL 5.2 PATCH] fix Null pointer dereference in ip6_flush_pending_frames (bz 439059)
Bugzilla: 439059
Hey-
Backport of upstream commit e1f52208bb968291f7d9142eff60b62984b4a511 to fix a
NULL pointer dereference in ip6_flush_pending_frames. Fixes bz 439059.
Regards
Neil
Acked-by: "David S. Miller" <davem@redhat.com>
Acked-by: Thomas Graf <tgraf@redhat.com>
diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
index 373cc8a..920625f 100644
--- a/net/ipv6/ip6_output.c
+++ b/net/ipv6/ip6_output.c
@@ -1353,8 +1353,9 @@ void ip6_flush_pending_frames(struct sock *sk)
struct sk_buff *skb;
while ((skb = __skb_dequeue_tail(&sk->sk_write_queue)) != NULL) {
- IP6_INC_STATS(ip6_dst_idev(skb->dst),
- IPSTATS_MIB_OUTDISCARDS);
+ if (skb->dst)
+ IP6_INC_STATS(ip6_dst_idev(skb->dst),
+ IPSTATS_MIB_OUTDISCARDS);
kfree_skb(skb);
}
distrib
>
Scientific%20Linux
>
5x
>
x86_64
>
by-pkgid
>
27922b4260f65d317aabda37e42bbbff
>
files
>
2768
