conntrack: Fix conn_update_state_alg use after free.

When conn_update_state() returns true, conn has been freed, so skip calling handle_ftp_ctl() with this conn and instead follow code path for new connections. Fixes: bd5e81a0e596 ("Userspace Datapath: Add ALG infra and FTP.") Signed-off-by: Darrell Ball <dlu998@gmail.com> Signed-off-by: Ben Pfaff <blp@ovn.org>
author: Darrell Ball <dlu998@gmail.com> 2018-07-10 16:41:58 -0700
committer: Ben Pfaff <blp@ovn.org> 2018-07-11 08:34:08 -0700
commit: 030958a0cc9553cb797f800d8ee20e6e8d837aba (patch)
tree: 62e8a84aa7d266a0112f776d84963f3a26975855 /lib/conntrack.c
parent: 68fd9251abcd95c4e06e3fc3b634698e8fe198f4 (diff)
download: openvswitch-030958a0cc9553cb797f800d8ee20e6e8d837aba.tar.gz
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/conntrack.c b/lib/conntrack.c
index 08fce055a..974f985bd 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -1156,8 +1156,11 @@ conn_update_state_alg(struct conntrack *ct, struct dp_packet *pkt,
         } else {
             *create_new_conn = conn_update_state(ct, pkt, ctx, &conn, now,
                                                 bucket);
-            handle_ftp_ctl(ct, ctx, pkt, conn, now, CT_FTP_CTL_OTHER,
-                           !!nat_action_info);
+
+            if (*create_new_conn == false) {
+                handle_ftp_ctl(ct, ctx, pkt, conn, now, CT_FTP_CTL_OTHER,
+                               !!nat_action_info);
+            }
         }
         return true;
     }
author	Darrell Ball <dlu998@gmail.com>	2018-07-10 16:41:58 -0700
committer	Ben Pfaff <blp@ovn.org>	2018-07-11 08:34:08 -0700
commit	030958a0cc9553cb797f800d8ee20e6e8d837aba (patch)
tree	62e8a84aa7d266a0112f776d84963f3a26975855 /lib/conntrack.c
parent	68fd9251abcd95c4e06e3fc3b634698e8fe198f4 (diff)
download	openvswitch-030958a0cc9553cb797f800d8ee20e6e8d837aba.tar.gz