Code Review / vpp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 41bda04) | patch
nat: set fib index for bypass session 66/29266/2
authorVladimir Isaev <visaev@netgate.com>
Tue, 6 Oct 2020 09:59:47 +0000 (12:59 +0300)
committerMatthew Smith <mgsmith@netgate.com>
Mon, 12 Oct 2020 15:00:04 +0000 (15:00 +0000)
commitd3252adce29e45611cbe2a43b2d37758a864a429
tree24bfc8b4b78cc46fa1f39cf48566e7efff41b940tree | snapshot
parent41bda044877bae25c5b584a5444c2a038a98e3a9commit | diff
nat: set fib index for bypass session

Bihash key already contains rx_fib_index for lookup
but fib value for session itself is set to 0.

In the result bihash is allocated with key with fib index
set, but free function is looking for key with fib index set
to zero. It leads to use-after-free because session itself is
removed from pool but bihash is not because of key mismatch.

Type: fix

Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: I8ac5a41b0a5a32b1baab9e9d757141d5b24b7798
src/plugins/nat/nat.c diff | blob | history
src/plugins/nat/out2in_ed.c diff | blob | history
Vector Packet Processing