| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20171220.135730.2027041954619642787.davem@davemloft.net>
Date: Wed, 20 Dec 2017 13:57:30 -0500 (EST)
From: David Miller <davem@...emloft.net>
To: yanhaishuang@...s.chinamobile.com
Cc: kuznet@....inr.ac.ru, yoshfuji@...ux-ipv6.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
u9012063@...il.com
Subject: Re: [PATCH v3,net-next 2/2] ip6_gre: fix potential memory leak in
ip6erspan_rcv
From: Haishuang Yan <yanhaishuang@...s.chinamobile.com>
Date: Wed, 20 Dec 2017 10:07:01 +0800
> If md is NULL, tun_dst must be freed, otherwise it will cause memory
> leak.
>
> Fixes: ef7baf5e083c ("ip6_gre: add ip6 erspan collect_md mode")
> Cc: William Tu <u9012063@...il.com>
> Signed-off-by: Haishuang Yan <yanhaishuang@...s.chinamobile.com>
Applied.
> @@ -550,8 +550,10 @@ static int ip6erspan_rcv(struct sk_buff *skb, int gre_hdr_len,
>
> info = &tun_dst->u.tun_info;
> md = ip_tunnel_info_opts(info);
> - if (!md)
> + if (!md) {
> + dst_release((struct dst_entry *)tun_dst);
> return PACKET_REJECT;
> + }
>
> memcpy(md, pkt_md, sizeof(*md));
I agree with William that 'md' should never be NULL here, but that check existing
before your changes so removing it is a separate patch altogether.
Powered by blists - more mailing lists