3.10-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 27 Jan 2015 23:43:53 +0000 (15:43 -0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 27 Jan 2015 23:43:53 +0000 (15:43 -0800)
added patches:
ipvs-uninitialized-data-with-ip_vs_ipv6.patch

queue-3.10/ipvs-uninitialized-data-with-ip_vs_ipv6.patch [new file with mode: 0644]
queue-3.10/series

diff --git a/queue-3.10/ipvs-uninitialized-data-with-ip_vs_ipv6.patch b/queue-3.10/ipvs-uninitialized-data-with-ip_vs_ipv6.patch
new file mode 100644 (file)
index 0000000..782c316
--- /dev/null
@@ -0,0 +1,64 @@
+From 3b05ac3824ed9648c0d9c02d51d9b54e4e7e874f Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@oracle.com>
+Date: Sat, 6 Dec 2014 16:49:24 +0300
+Subject: ipvs: uninitialized data with IP_VS_IPV6
+
+From: Dan Carpenter <dan.carpenter@oracle.com>
+
+commit 3b05ac3824ed9648c0d9c02d51d9b54e4e7e874f upstream.
+
+The app_tcp_pkt_out() function expects "*diff" to be set and ends up
+using uninitialized data if CONFIG_IP_VS_IPV6 is turned on.
+
+The same issue is there in app_tcp_pkt_in().  Thanks to Julian Anastasov
+for noticing that.
+
+Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
+Acked-by: Julian Anastasov <ja@ssi.bg>
+Signed-off-by: Simon Horman <horms@verge.net.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ net/netfilter/ipvs/ip_vs_ftp.c |   10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+--- a/net/netfilter/ipvs/ip_vs_ftp.c
++++ b/net/netfilter/ipvs/ip_vs_ftp.c
+@@ -183,6 +183,8 @@ static int ip_vs_ftp_out(struct ip_vs_ap
+       struct nf_conn *ct;
+       struct net *net;
++      *diff = 0;
++
+ #ifdef CONFIG_IP_VS_IPV6
+       /* This application helper doesn't work with IPv6 yet,
+        * so turn this into a no-op for IPv6 packets
+@@ -191,8 +193,6 @@ static int ip_vs_ftp_out(struct ip_vs_ap
+               return 1;
+ #endif
+-      *diff = 0;
+-
+       /* Only useful for established sessions */
+       if (cp->state != IP_VS_TCP_S_ESTABLISHED)
+               return 1;
+@@ -321,6 +321,9 @@ static int ip_vs_ftp_in(struct ip_vs_app
+       struct ip_vs_conn *n_cp;
+       struct net *net;
++      /* no diff required for incoming packets */
++      *diff = 0;
++
+ #ifdef CONFIG_IP_VS_IPV6
+       /* This application helper doesn't work with IPv6 yet,
+        * so turn this into a no-op for IPv6 packets
+@@ -329,9 +332,6 @@ static int ip_vs_ftp_in(struct ip_vs_app
+               return 1;
+ #endif
+-      /* no diff required for incoming packets */
+-      *diff = 0;
+-
+       /* Only useful for established sessions */
+       if (cp->state != IP_VS_TCP_S_ESTABLISHED)
+               return 1;
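Review bot: The relocated `*diff = 0;` in ip_vs_ftp_out() has no comment explaining why it must sit above the CONFIG_IP_VS_IPV6 early return, so a later cleanup could move it back down and reintroduce the uninitialized read that the commit message attributes to app_tcp_pkt_out(). A one-line comment above it, for example `/* callers read *diff even on the early-return paths, so set it first */`, would record that invariant. The ip_vs_ftp_in() copy keeps `/* no diff required for incoming packets */`, which describes the value but not the placement, so the same comment would help there too. Both function bodies start and end outside the quoted hunks, so it cannot be confirmed from here that no other return path precedes the assignment; the declarations visible directly above it suggest there is none.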
index 7a97a92ac56410fb2f8408d8a6b0aeb505822ea3..2a132b9898f0454c99fe6f4d0e93ac75588c91a0 100644 (file)
@@ -21,3 +21,4 @@ x86-tls-interpret-an-all-zero-struct-user_desc-as-no-segment.patch
 x86-asm-traps-disable-tracing-and-kprobes-in-fixup_bad_iret-and-sync_regs.patch
 sata_dwc_460ex-fix-resource-leak-on-error-path.patch
 keys-close-race-between-key-lookup-and-freeing.patch
+ipvs-uninitialized-data-with-ip_vs_ipv6.patch