Date:   Sat, 11 Feb 2023 01:46:37 +0200
From:   Denys Fedoryshchenko <nuclearcat@...learcat.com>
To:     netdev@...r.kernel.org
Subject: [PATCH iproute2] libnetlink.c: Fix memory leak in batch mode

During testing we noticed a significant memory leak that is easily
reproducible and detectable with valgrind:

==2006284== 393,216 bytes in 12 blocks are definitely lost in loss record 5 of 5
==2006284==    at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==2006284==    by 0x18C73E: rtnl_recvmsg (libnetlink.c:830)
==2006284==    by 0x18CF9E: __rtnl_talk_iov (libnetlink.c:1032)
==2006284==    by 0x18D3CE: __rtnl_talk (libnetlink.c:1140)
==2006284==    by 0x18D4DE: rtnl_talk (libnetlink.c:1168)
==2006284==    by 0x11BF04: tc_filter_modify (tc_filter.c:224)
==2006284==    by 0x11DD70: do_filter (tc_filter.c:748)
==2006284==    by 0x116B06: do_cmd (tc.c:210)
==2006284==    by 0x116C7C: tc_batch_cmd (tc.c:231)
==2006284==    by 0x1796F2: do_batch (utils.c:1701)
==2006284==    by 0x116D05: batch (tc.c:246)
==2006284==    by 0x117327: main (tc.c:331)
==2006284==
==2006284== LEAK SUMMARY:
==2006284==    definitely lost: 884,736 bytes in 27 blocks

In case nlmsg_type == NLMSG_ERROR and if answer is set to NULL, we
should free(buf) too.

Signed-off-by: Denys Fedoryshchenko <denys.f@...labora.com>
---
 lib/libnetlink.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/libnetlink.c b/lib/libnetlink.c
index c8976043..68360b0f 100644
--- a/lib/libnetlink.c
+++ b/lib/libnetlink.c
@@ -1099,6 +1099,8 @@ next:
 
 				if (answer)
 					*answer = (struct nlmsghdr *)buf;
+				else
+					free(buf);
 				return 0;
 			}
 
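Review bot: The added `else free(buf);` after `if (answer)` leaves the ownership rule for buf implicit: it is handed to the caller through *answer when answer is non-NULL and has to be released here otherwise. A short comment above the `if (answer)` stating that would make the contract clear to the next reader. The hunk shows only this one `return 0;`, so please confirm that the other return paths in this function also release buf when answer is NULL. The commit message would also be easier to backport with a Fixes: tag naming the commit that introduced the leak.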
-- 
2.34.1

