[PATCH 046/104] ipv6: don't stop backtracking in fib6_lookup_1 if subtree does not match

Luis Henriques luis.henriques at canonical.com
Mon Sep 30 10:10:23 UTC 2013 -stable review patch.  If anyone has any objections, please let me know.


From: Hannes Frederic Sowa <hannes at stressinduktion.org>

commit 3e3be275851bc6fc90bfdcd732cd95563acd982b upstream.

In case a subtree did not match we currently stop backtracking and return
NULL (root table from fib_lookup). This could yield in invalid routing
table lookups when using subtrees.

Instead continue to backtrack until a valid subtree or node is found
and return this match.

Also remove unneeded NULL check.

Reported-by: Teco Boot <teco at inf-net.nl>
Cc: YOSHIFUJI Hideaki <yoshfuji at linux-ipv6.org>
Cc: David Lamparter <equinox at diac24.net>
Cc: <boutier at pps.univ-paris-diderot.fr>
Signed-off-by: Hannes Frederic Sowa <hannes at stressinduktion.org>
Signed-off-by: David S. Miller <davem at davemloft.net>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
 net/ipv6/ip6_fib.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c
index 0907191..3c30320 100644
--- a/net/ipv6/ip6_fib.c
+++ b/net/ipv6/ip6_fib.c
@@ -949,14 +949,22 @@ static struct fib6_node * fib6_lookup_1(struct fib6_node *root,
 			if (ipv6_prefix_equal(&key->addr, args->addr, key->plen)) {
-				if (fn->subtree)
-					fn = fib6_lookup_1(fn->subtree, args + 1);
+				if (fn->subtree) {
+					struct fib6_node *sfn;
+					sfn = fib6_lookup_1(fn->subtree,
+							    args + 1);
+					if (!sfn)
+						goto backtrack;
+					fn = sfn;
+				}
-				if (!fn || fn->fn_flags & RTN_RTINFO)
+				if (fn->fn_flags & RTN_RTINFO)
 					return fn;
 		if (fn->fn_flags & RTN_ROOT)

More information about the kernel-team mailing list