lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 23 Nov 2007 19:13:11 +0300
From:	Pavel Emelyanov <>
To:	Herbert Xu <>
CC:	Linux Netdev List <>,
Subject: [PATCH] Fix memory leak in inet_hashtables.h when NUMA is on

The inet_ehash_locks_alloc() looks like this:

	if (size > PAGE_SIZE)
		x = vmalloc(...);
		x = kmalloc(...);

Unlike it, the inet_ehash_locks_alloc() looks like this:

	if (size > PAGE_SIZE)

The error is obvious - if the NUMA is on and the size
is less than the PAGE_SIZE we leak the pointer (kfree is
inside the #else branch).

Compiler doesn't warn us because after the kfree(x) there's
a "x = NULL" assignment, so here's another (minor?) bug: we 
don't set x to NULL under certain circumstances.

Boring explanation, I know... Patch explains it better.

Signed-off-by: Pavel Emelyanov <>


diff --git a/include/net/inet_hashtables.h b/include/net/inet_hashtables.h
index 469216d..37f6cb1 100644
--- a/include/net/inet_hashtables.h
+++ b/include/net/inet_hashtables.h
@@ -186,9 +186,8 @@ static inline void inet_ehash_locks_free(struct inet_hashinfo *hashinfo)
 		if (size > PAGE_SIZE)
-		kfree(hashinfo->ehash_locks);
+		kfree(hashinfo->ehash_locks);
 		hashinfo->ehash_locks = NULL;
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists