From: Sasha Levin <sashal@kernel.org>
To: stable@vger.kernel.org, linux-kernel@vger.kernel.org
Cc: Taehee Yoo <ap420073@gmail.com>,
Pablo Neira Ayuso <pablo@netfilter.org>,
Sasha Levin <sashal@kernel.org>,
netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 4.14 17/69] netfilter: xt_hashlimit: fix a possible memory leak in htable_create()
Date: Wed, 5 Dec 2018 04:41:55 -0500 [thread overview]
Message-ID: <20181205094247.6556-17-sashal@kernel.org> (raw)
In-Reply-To: <20181205094247.6556-1-sashal@kernel.org>
From: Taehee Yoo <ap420073@gmail.com>
[ Upstream commit b4e955e9f372035361fbc6f07b21fe2cc6a5be4a ]
In the htable_create(), hinfo is allocated by vmalloc()
So that if error occurred, hinfo should be freed.
Fixes: 11d5f15723c9 ("netfilter: xt_hashlimit: Create revision 2 to support higher pps rates")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/netfilter/xt_hashlimit.c | 9 +++------
1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index 0c034597b9b8..fe8e8a1622b5 100644
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -295,9 +295,10 @@ static int htable_create(struct net *net, struct hashlimit_cfg3 *cfg,
/* copy match config into hashtable config */
ret = cfg_copy(&hinfo->cfg, (void *)cfg, 3);
-
- if (ret)
+ if (ret) {
+ vfree(hinfo);
return ret;
+ }
hinfo->cfg.size = size;
if (hinfo->cfg.max == 0)
@@ -814,7 +815,6 @@ hashlimit_mt_v1(const struct sk_buff *skb, struct xt_action_param *par)
int ret;
ret = cfg_copy(&cfg, (void *)&info->cfg, 1);
-
if (ret)
return ret;
@@ -830,7 +830,6 @@ hashlimit_mt_v2(const struct sk_buff *skb, struct xt_action_param *par)
int ret;
ret = cfg_copy(&cfg, (void *)&info->cfg, 2);
-
if (ret)
return ret;
@@ -920,7 +919,6 @@ static int hashlimit_mt_check_v1(const struct xt_mtchk_param *par)
return ret;
ret = cfg_copy(&cfg, (void *)&info->cfg, 1);
-
if (ret)
return ret;
@@ -939,7 +937,6 @@ static int hashlimit_mt_check_v2(const struct xt_mtchk_param *par)
return ret;
ret = cfg_copy(&cfg, (void *)&info->cfg, 2);
-
if (ret)
return ret;
--
2.17.1
next prev parent reply other threads:[~2018-12-05 9:41 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-05 9:41 [PATCH AUTOSEL 4.14 01/69] ARM: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 03/69] iio:st_magn: Fix enable device after trigger Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 05/69] ARM: dts: logicpd-somlv: Fix interrupt on mmc3_dat1 Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 06/69] ARM: OMAP1: ams-delta: Fix possible use of uninitialized field Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 08/69] selftests: add script to stress-test nft packet path vs. control plane sashal
2018-12-05 9:41 ` Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 09/69] netfilter: nf_tables: fix use-after-free when deleting compat expressions Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 10/69] hwmon (ina2xx) Fix NULL id pointer in probe() Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 12/69] s390/cpum_cf: Reject request for sampling in event initialization Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 13/69] hwmon: (ina2xx) Fix current value calculation Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 14/69] ASoC: omap-abe-twl6040: Fix missing audio card caused by deferred probing Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 16/69] iio/hid-sensors: Fix IIO_CHAN_INFO_RAW returning wrong values for signed numbers Sasha Levin
2018-12-05 9:41 ` Sasha Levin [this message]
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 18/69] hwmon: (w83795) temp4_type has writable permission Sasha Levin
2018-12-05 9:41 ` [PATCH AUTOSEL 4.14 20/69] PCI: imx6: Fix link training status detection in link up check Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 23/69] ARM: dts: at91: sama5d2: use the divided clock for SMC Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 24/69] Btrfs: send, fix infinite loop due to directory rename dependencies Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 25/69] RDMA/mlx5: Fix fence type for IB_WR_LOCAL_INV WR Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 26/69] RDMA/rdmavt: Fix rvt_create_ah function signature Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 28/69] ASoC: omap-mcbsp: Fix latency value calculation for pm_qos Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 29/69] ASoC: omap-mcpdm: Add pm_qos handling to avoid under/overruns with CPU_IDLE Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 30/69] ASoC: omap-dmic: Add pm_qos handling to avoid overruns " Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 33/69] ipvs: call ip_vs_dst_notifier earlier than ipv6_dev_notf Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 39/69] drm/meson: add support for 1080p25 mode Sasha Levin
2018-12-05 9:42 ` Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 40/69] netfilter: ipv6: Preserve link scope traffic original oif Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 41/69] IB/mlx5: Fix page fault handling for MW Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 42/69] KVM: x86: fix empty-body warnings Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 43/69] x86/kvm/vmx: fix old-style function declaration Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 46/69] netfilter: nf_tables: deactivate expressions in rule replecement routine Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 52/69] s390/qeth: fix length check in SNMP processing Sasha Levin
[not found] ` <20181205094247.6556-1-sashal-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 53/69] drm/amdgpu: Add delay after enable RLC ucode Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 54/69] drm/ast: fixed reading monitor EDID not stable issue Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 60/69] nvme: flush namespace scanning work just before removing namespaces Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 61/69] ACPI/IORT: Fix iort_get_platform_device_domain() uninitialized pointer value Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 65/69] mm/page_alloc.c: fix calculation of pgdat->nr_zones Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 66/69] hfs: do not free node before using Sasha Levin
2018-12-05 9:42 ` [PATCH AUTOSEL 4.14 67/69] hfsplus: " Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181205094247.6556-17-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=ap420073@gmail.com \
--cc=coreteam@netfilter.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.