| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20221024144753.479152-1-windhl@126.com>
Date: Mon, 24 Oct 2022 22:47:53 +0800
From: Liang He <windhl@....com>
To: davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com, netdev@...r.kernel.org, windhl@....com
Subject: [PATCH] appletalk: Fix potential refcount leak
In atrtr_create(), we have added a dev_hold for the new reference.
However, based on the code, if the 'rt' is not NULL and its 'dev'
is not NULL, we should use dev_put() for the replaced reference.
Signed-off-by: Liang He <windhl@....com>
---
net/appletalk/ddp.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/appletalk/ddp.c b/net/appletalk/ddp.c
index a06f4d4a6f47..7e317d6448d1 100644
--- a/net/appletalk/ddp.c
+++ b/net/appletalk/ddp.c
@@ -564,6 +564,7 @@ static int atrtr_create(struct rtentry *r, struct net_device *devhint)
/* Fill in the routing entry */
rt->target = ta->sat_addr;
dev_hold(devhint);
+ dev_put(rt->dev);
rt->dev = devhint;
rt->flags = r->rt_flags;
rt->gateway = ga->sat_addr;
--
2.25.1
Powered by blists - more mailing lists