bridge: Avoid use-after-free with VLAN splinters and multiple bridges.
The VLAN splinters feature uses a "pool" to track and free allocated
blocks. There's only one pool, but the implementation was freeing all of
the blocks in it for every bridge during reconfiguration, not just once for
each reconfiguration, so caused a use-after-free when there was more than
one bridge and a bridge other than the last one in the list of bridges had
a VLAN splinter port.
Bug #8671.
Reported-by: Michael Mao <mmao@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
git://git.onelab.eu / sliver-openvswitch.git / commit