[636] in linux-net channel archive
Another NULL dereference in 1.3.8
daemon@ATHENA.MIT.EDU (Paul Gortmaker)
Sun Jul 9 00:41:48 1995
From: Paul Gortmaker <gpg109@rsphy1.anu.edu.au>
To: linux-net@vger.rutgers.edu
Date: Sun, 9 Jul 1995 02:30:56 +1000 (EST)
Cc: iialan@www.linux.org.uk (Alan Cox)
Yes, another NULL dereference panic. This time it is
eth_copy_and_sum() that is responsible. Just like the NULL dereference
that was fixed in 1.3.8, this one won't let me boot past the net
daemons either. (again lance card)
The crash is at an offset of 0x1d from the start of eth_copy_and_sum()
which appears to be the first memcpy() in that routine. I think it is
passed a valid "dest" skb, but the "src" may be dubious. I will look at
it more later, as it is late here now.
Paul.
