o arp: fix seq_file handling bug

When midnigth commander viewer is invoked it first opens the file, read
4 bytes (probably looking for a magic number), reading only 4 bytes makes
state->is_pneigh not to be set neither the lock is taken, because only
the header is being produced (v = (void *)1), so when arp_seq_stop is 
called the lock is dropped without having being taken: b00m

Thanks to Serge Kuznetsov for reporting this to me. Other seq_file
code may have this problem, but by using mc viewer in all of /proc/net
I haven't been able to reproduce this problem with any other file.
parent b53a0ade
...@@ -1282,7 +1282,7 @@ static void arp_seq_stop(struct seq_file *seq, void *v) ...@@ -1282,7 +1282,7 @@ static void arp_seq_stop(struct seq_file *seq, void *v)
{ {
struct arp_iter_state* state = seq->private; struct arp_iter_state* state = seq->private;
if (!state->is_pneigh) if (!state->is_pneigh && v != (void *)1)
read_unlock_bh(&arp_tbl.lock); read_unlock_bh(&arp_tbl.lock);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment