lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
[an error occurred while processing this directive]
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANn89iLKpJaF0VcWxqCUuouJw8mZ4Fjk_cc89yMmuZWCLx70-w@mail.gmail.com>
Date: Wed, 3 Sep 2025 04:18:38 -0700
From: Eric Dumazet <edumazet@...gle.com>
To: Qingfang Deng <dqfext@...il.com>
Cc: Andrew Lunn <andrew+netdev@...n.ch>, "David S. Miller" <davem@...emloft.net>, 
	Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Paul Mackerras <paulus@...abs.org>, 
	Matt Domsch <Matt_Domsch@...l.com>, Andrew Morton <akpm@...l.org>, 
	Brice Goglin <Brice.Goglin@...-lyon.org>, linux-ppp@...r.kernel.org, 
	netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net] ppp: fix memory leak in pad_compress_skb

On Wed, Sep 3, 2025 at 3:07 AM Qingfang Deng <dqfext@...il.com> wrote:
>
> If alloc_skb() fails in pad_compress_skb(), it returns NULL without
> releasing the old skb. The caller does:
>
>     skb = pad_compress_skb(ppp, skb);
>     if (!skb)
>         goto drop;
>
> drop:
>     kfree_skb(skb);
>
> When pad_compress_skb() returns NULL, the reference to the old skb is
> lost and kfree_skb(skb) ends up doing nothing, leading to a memory leak.
>
> Align pad_compress_skb() semantics with realloc(): only free the old
> skb if allocation and compression succeed.  At the call site, use the
> new_skb variable so the original skb is not lost when pad_compress_skb()
> fails.
>
> Fixes: b3f9b92a6ec1 ("[PPP]: add PPP MPPE encryption module")
> Signed-off-by: Qingfang Deng <dqfext@...il.com>
> ---

Reviewed-by: Eric Dumazet <edumazet@...gle.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ