fib: fix use-after-free for interface adj removal

author Benoît Ganne <bganne@cisco.com>

Wed, 16 Oct 2019 13:08:37 +0000 (15:08 +0200)

committer Neale Ranns <nranns@cisco.com>

Wed, 16 Oct 2019 15:19:46 +0000 (15:19 +0000)
author Benoît Ganne <bganne@cisco.com>
Wed, 16 Oct 2019 13:08:37 +0000 (15:08 +0200)
committer Neale Ranns <nranns@cisco.com>
Wed, 16 Oct 2019 15:19:46 +0000 (15:19 +0000)
diff --git a/src/vnet/adj/adj_nbr.c b/src/vnet/adj/adj_nbr.c

index cbd6691..7f053c8 100644 (file)
--- a/src/vnet/adj/adj_nbr.c
+++ b/src/vnet/adj/adj_nbr.c
@@ -823,12 +823,15 @@ adj_nbr_interface_delete_one (adj_index_t ai,
      };
      ip_adjacency_t *adj;
  
+    adj_lock(ai);
+
      adj = adj_get(ai);
  
      adj->ia_flags |= ADJ_FLAG_SYNC_WALK_ACTIVE;
      fib_walk_sync(FIB_NODE_TYPE_ADJ, ai, &bw_ctx);
      adj->ia_flags &= ~ADJ_FLAG_SYNC_WALK_ACTIVE;
  
+    adj_unlock(ai);
      return (ADJ_WALK_RC_CONTINUE);
  }
author	Benoît Ganne <bganne@cisco.com>
	Wed, 16 Oct 2019 13:08:37 +0000 (15:08 +0200)
committer	Neale Ranns <nranns@cisco.com>
	Wed, 16 Oct 2019 15:19:46 +0000 (15:19 +0000)