| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1c80b8da-3f00-48de-f89b-75cf18eebf5d@mellanox.com>
Date: Sun, 4 Jun 2017 16:07:43 +0300
From: Arkadi Sharshevsky <arkadis@...lanox.com>
To: Haishuang Yan <yanhaishuang@...s.chinamobile.com>,
"David S. Miller" <davem@...emloft.net>,
Jiri Pirko <jiri@...lanox.com>
Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] devlink: fix potential memort leak
On 06/04/2017 03:49 PM, Haishuang Yan wrote:
> We must free allocated skb when genlmsg_put() return fails.
>
> Fixes: 1555d204e743 ("devlink: Support for pipeline debug (dpipe)")
> Signed-off-by: Haishuang Yan <yanhaishuang@...s.chinamobile.com>
> ---
> net/core/devlink.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/core/devlink.c b/net/core/devlink.c
> index b0b87a2..70b69c6 100644
> --- a/net/core/devlink.c
> +++ b/net/core/devlink.c
> @@ -1680,8 +1680,10 @@ static int devlink_dpipe_tables_fill(struct genl_info *info,
>
> hdr = genlmsg_put(skb, info->snd_portid, info->snd_seq,
> &devlink_nl_family, NLM_F_MULTI, cmd);
> - if (!hdr)
> + if (!hdr) {
> + nlmsg_free(skb);
> return -EMSGSIZE;
> + }
>
> if (devlink_nl_put_handle(skb, devlink))
> goto nla_put_failure;
>
Thanks! I think it a bit better to set the err and goto
down the error path below (only nlmsg_free()). Headrs_fill()
also suffers from this problem.
Powered by blists - more mailing lists