[BRIDGE]: Fix crash in __ip_route_output_key with bridge netfilter

The bridge netfilter code attaches a fake dst_entry with a pointer to a
fake net_device structure to skbs it passes up to IPv4 netfilter. This
leads to crashes when the skb is passed to __ip_route_output_key when
dereferencing the namespace pointer.

Since bridging can currently only operate in the init_net namespace,
the easiest fix for now is to initialize the nd_net pointer of the
fake net_device struct to &init_net.

Should fix bugzilla 10323: http://bugzilla.kernel.org/show_bug.cgi?id=10323

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Patrick McHardy 2008-04-14 00:46:01 -07:00 committed by David S. Miller
parent 4dee959723
commit 159d83363b

View File

@ -110,7 +110,8 @@ static inline __be16 pppoe_proto(const struct sk_buff *skb)
* ipt_REJECT needs it. Future netfilter modules might * ipt_REJECT needs it. Future netfilter modules might
* require us to fill additional fields. */ * require us to fill additional fields. */
static struct net_device __fake_net_device = { static struct net_device __fake_net_device = {
.hard_header_len = ETH_HLEN .hard_header_len = ETH_HLEN,
.nd_net = &init_net,
}; };
static struct rtable __fake_rtable = { static struct rtable __fake_rtable = {