| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 22 May 2011 23:18:54 +0200
From: Sjur Brændeland <sjur.brandeland@...ricsson.com>
To: "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org
Cc: Sjur Brændeland <sjur.brandeland@...ricsson.com>
Subject: [PATCH 5/5] caif: Plug memory leak for checksum error
In case of checksum error, the framing layer returns -EILSEQ, but
does not free the packet. Plug this hole by freeing the packet if
-EILSEQ is returned.
Signed-off-by: Sjur Brændeland <sjur.brandeland@...ricsson.com>
---
net/caif/caif_dev.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/net/caif/caif_dev.c b/net/caif/caif_dev.c
index 366ca0f..682c0fe 100644
--- a/net/caif/caif_dev.c
+++ b/net/caif/caif_dev.c
@@ -142,6 +142,7 @@ static int receive(struct sk_buff *skb, struct net_device *dev,
{
struct cfpkt *pkt;
struct caif_device_entry *caifd;
+ int err;
pkt = cfpkt_fromnative(CAIF_DIR_IN, skb);
@@ -159,7 +160,11 @@ static int receive(struct sk_buff *skb, struct net_device *dev,
caifd_hold(caifd);
rcu_read_unlock();
- caifd->layer.up->receive(caifd->layer.up, pkt);
+ err = caifd->layer.up->receive(caifd->layer.up, pkt);
+
+ /* For -EILSEQ the packet is not freed so so it now */
+ if (err == -EILSEQ)
+ cfpkt_destroy(pkt);
/* Release reference to stack upwards */
caifd_put(caifd);
--
1.7.0.4
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists