| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Jul 2011 18:38:52 -0700 (MST) From: Tushar Gohad <tgohad@...sta.com> To: David Miller <davem@...emloft.net>, Herbert Xu <herbert@...dor.apana.org.au> cc: netdev@...r.kernel.org, tusharsg@...il.com Subject: [PATCH] XFRM: Fix memory leak in xfrm_state_update Upon "ip xfrm state update ..", xfrm_add_sa() takes an extra reference on the user-supplied SA and forgets to drop the reference when xfrm_state_update() returns 0. This leads to a memory leak as the parameter SA is never freed. This change attempts to fix the leak by calling __xfrm_state_put() when xfrm_state_update() updates a valid SA (err = 0). The parameter SA is added to the gc list when the final reference is dropped by xfrm_add_sa() upon completion. Signed-off-by: Tushar Gohad <tgohad@...sta.com> --- net/xfrm/xfrm_state.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index d70f85e..9414b9c 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -1345,6 +1345,8 @@ out: xfrm_state_check_expire(x1); err = 0; + x->km.state = XFRM_STATE_DEAD; + __xfrm_state_put(x); } spin_unlock_bh(&x1->lock); -- 1.6.3.3.202.g91879 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists