| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250719101852.31514-1-ant.v.moryakov@gmail.com>
Date: Sat, 19 Jul 2025 13:18:52 +0300
From: Anton Moryakov <ant.v.moryakov@...il.com>
To: netdev@...r.kernel.org
Cc: Anton Moryakov <ant.v.moryakov@...il.com>
Subject: [PATCH iproute2-next] misc: fix memory leak in ifstat.c
A memory leak was detected by the static analyzer SVACE in the function
get_nlmsg_extended(). The issue occurred when parsing extended interface
statistics failed due to a missing nested attribute. In this case,
memory allocated for 'n->name' via strdup() was not freed before returning,
resulting in a leak.
The fix adds an explicit 'free(n->name)' call before freeing the containing
structure in the error path.
Reported-by: SVACE static analyzer
Signed-off-by: Anton Moryakov <ant.v.moryakov@...il.com>
---
misc/ifstat.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/misc/ifstat.c b/misc/ifstat.c
index 4ce5ca8a..5b59fd8f 100644
--- a/misc/ifstat.c
+++ b/misc/ifstat.c
@@ -139,6 +139,7 @@ static int get_nlmsg_extended(struct nlmsghdr *m, void *arg)
attr = parse_rtattr_one_nested(sub_type, tb[filter_type]);
if (attr == NULL) {
free(n);
+ free(n->name);
return 0;
}
memcpy(&n->val, RTA_DATA(attr), sizeof(n->val));
--
2.39.2
Powered by blists - more mailing lists