aboutsummaryrefslogtreecommitdiffstatshomepage
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2019-04-06 12:21:46 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2019-04-06 12:27:23 +0200
commitfdfdd38cceebcd62df60785e8523e068b84f7076 (patch)
treeb5ab1403d5a22090414847a04b8450b152feea8e
parentcompat: backport skb_mark_not_on_list (diff)
downloadWireGuard-fdfdd38cceebcd62df60785e8523e068b84f7076.tar.xz
WireGuard-fdfdd38cceebcd62df60785e8523e068b84f7076.zip
allowedips: initialize list head when removing intermediate nodes
Otherwise if this list item is later reused, we'll crash on list poison or worse. Also, add a version of Mimka's reproducer to netns.sh to catch these types of bugs in the future. Reported-by: Mimka <mikma.wg@lists.m7n.se>
-rw-r--r--src/allowedips.c2
-rwxr-xr-xsrc/tests/netns.sh4
2 files changed, 5 insertions, 1 deletions
diff --git a/src/allowedips.c b/src/allowedips.c
index f175944..610aab0 100644
--- a/src/allowedips.c
+++ b/src/allowedips.c
@@ -108,7 +108,7 @@ static void walk_remove_by_peer(struct allowedips_node __rcu **top,
if (rcu_dereference_protected(node->peer,
lockdep_is_held(lock)) == peer) {
RCU_INIT_POINTER(node->peer, NULL);
- list_del(&node->peer_list);
+ list_del_init(&node->peer_list);
if (!node->bit[0] || !node->bit[1]) {
rcu_assign_pointer(*nptr, DEREF(
&node->bit[!REF(node->bit[0])]));
diff --git a/src/tests/netns.sh b/src/tests/netns.sh
index 91111f6..7cbbfce 100755
--- a/src/tests/netns.sh
+++ b/src/tests/netns.sh
@@ -485,6 +485,10 @@ n0 wg set wg0 peer "$pub2"
[[ $(n0 wg show wg0 peers) == "$pub2" ]]
n0 wg set wg0 private-key <(echo "/${key1:1}")
[[ $(n0 wg show wg0 private-key) == "+${key1:1}" ]]
+n0 wg set wg0 peer "$pub2" allowed-ips 0.0.0.0/0,10.0.0.0/8,100.0.0.0/10,172.16.0.0/12,192.168.0.0/16
+n0 wg set wg0 peer "$pub2" allowed-ips 0.0.0.0/0
+n0 wg set wg0 peer "$pub2" allowed-ips ::/0,1700::/111,5000::/4,e000::/37,9000::/75
+n0 wg set wg0 peer "$pub2" allowed-ips ::/0
ip0 link del wg0
declare -A objects