Bug #235: meta: Missing list checks for *list_add*
batadv_nc_get_nc_node: Missing list checks for *list_add*
Simon debugged the refcnt problem and submitted some patches to fix them. I had a brief look and noticed that there are possible more problems similar to the
*list_del* ones - just with
*list_add*. Basically some functions use some kind of get function, notice that the element does not exist and then create a new one to add to the list. Only the "
list_add" is protected. The result may be that an element in twice in a list when only a single occurrence is allowed.
The problem I saw is that functions adding objects in an RCU protected list are missing an definitive check. They first call some kind of
rcu_read_lock only) to check if an object with this value already exists and then uses some kind of
*_add to allocate a new object and add it (which may already be added in by a different context). So it has to be made sure that nothing modifies the list between the check and the add of the new object).
Updated by Sven Eckelmann almost 3 years ago
- Status changed from New to In Progress