| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5338E6DE.8080702@lab.ntt.co.jp> Date: Mon, 31 Mar 2014 12:54:06 +0900 From: Toshiaki Makita <makita.toshiaki@....ntt.co.jp> To: Dave Jones <davej@...hat.com>, Toshiaki Makita <toshiaki.makita1@...il.com> CC: netdev@...r.kernel.org Subject: Re: new leaks in bridging code. (2014/03/30 11:47), Dave Jones wrote: > On Sun, Mar 30, 2014 at 11:28:21AM +0900, Toshiaki Makita wrote: > > On Sat, 2014-03-29 at 17:01 -0400, Dave Jones wrote: > > > yesterdays bridging changes introduced leaks in the exit paths.. > > > > > The patch has nothing to do with this memory leak. > > Good point, the checker only picked up it as 'new' because of the > additional call to vlan_untag. > > > It has existed since br_allowed_ingress was introduced. > > I'm working on fixing it. > > http://marc.info/?t=139598775400004&r=1&w=2 > > Great! (I'm behind on email so hadn't seen this thread). > Considering more deeply about why your checker claimed that vlan_untag() in br_allowed_ingress() is bad, I got an idea that it should have pointed out not resource leakage but double free of skb. vlan_untag() may free skbs, but we also free skbs in caller side (br_handle_frame_finish()) without updating skb pointers to NULL. I'll also fix this problem. Thanks, Toshiaki Makita -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists