lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 29 Mar 2014 17:01:02 -0400
From:	Dave Jones <davej@...hat.com>
To:	netdev@...r.kernel.org
Cc:	makita.toshiaki@....ntt.co.jp
Subject: new leaks in bridging code.

yesterdays bridging changes introduced leaks in the exit paths..

** CID 1194948:  Resource leak  (RESOURCE_LEAK)
/net/bridge/br_vlan.c: 196 in br_allowed_ingress()
/net/bridge/br_vlan.c: 218 in br_allowed_ingress()
/net/bridge/br_vlan.c: 220 in br_allowed_ingress()

*** CID 1194948:  Resource leak  (RESOURCE_LEAK)
/net/bridge/br_vlan.c: 196 in br_allowed_ingress()
190     
191     		/* Frame had a tag with VID 0 or did not have a tag.
192     		 * See if pvid is set on this port.  That tells us which
193     		 * vlan untagged or priority-tagged traffic belongs to.
194     		 */
195     		if (pvid == VLAN_N_VID)
>>>     CID 1194948:  Resource leak  (RESOURCE_LEAK)
>>>     Returning without freeing "skb" leaks the storage that it points to.
196     			return false;
197     
198     		/* PVID is set on this port.  Any untagged or priority-tagged
199     		 * ingress frame is considered to belong to this vlan.
200     		 */
201     		*vid = pvid;
/net/bridge/br_vlan.c: 218 in br_allowed_ingress()
212     
213     		return true;
214     	}
215     
216     	/* Frame had a valid vlan tag.  See if vlan is allowed */
217     	if (test_bit(*vid, v->vlan_bitmap))
>>>     CID 1194948:  Resource leak  (RESOURCE_LEAK)
>>>     Returning without freeing "skb" leaks the storage that it points to.
218     		return true;
219     
220     	return false;
221     }
222     
223     /* Called under RCU. */
/net/bridge/br_vlan.c: 220 in br_allowed_ingress()
214     	}
215     
216     	/* Frame had a valid vlan tag.  See if vlan is allowed */
217     	if (test_bit(*vid, v->vlan_bitmap))
218     		return true;
219     
>>>     CID 1194948:  Resource leak  (RESOURCE_LEAK)
>>>     Returning without freeing "skb" leaks the storage that it points to.
220     	return false;
221     }
222     
223     /* Called under RCU. */
224     bool br_allowed_egress(struct net_bridge *br,
225     		       const struct net_port_vlans *v,

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ