Re: [PATCH v4] iproute2: prevent memory leak

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Stephen Hemminger <stephen@networkplumber.org>
To: Andrea Claudi <aclaudi@redhat.com>
Cc: heminhong <heminhong@kylinos.cn>,
	petrm@nvidia.com, netdev@vger.kernel.org
Subject: Re: [PATCH v4] iproute2: prevent memory leak
Date: Thu, 16 Nov 2023 19:31:09 -0800	[thread overview]
Message-ID: <20231116193109.37ef55b8@hermes.local> (raw)
In-Reply-To: <ZVa2Oha4ahHnYw16@renaissance-vector>

On Fri, 17 Nov 2023 01:45:51 +0100
Andrea Claudi <aclaudi@redhat.com> wrote:

> On Thu, Nov 16, 2023 at 03:05:21PM -0800, Stephen Hemminger wrote:
> > On Thu, 16 Nov 2023 11:13:08 +0800
> > heminhong <heminhong@kylinos.cn> wrote:
> >   
> > > When the return value of rtnl_talk() is not less than 0,
> > > 'answer' will be allocated. The 'answer' should be free
> > > after using, otherwise it will cause memory leak.
> > > 
> > > Signed-off-by: heminhong <heminhong@kylinos.cn>  
> > 
> > I am skeptical, what is the code path through rtn_talk() that
> > returns non zero, and allocates answer.  If so, that should be fixed
> > there.
> > 
> > In current code, the returns are:
> > 	- sendmsg() fails
> > 	- recvmsg() fails
> > 	- truncated message
> > 	
> > The paths that set answer are returning 0  
> 
> IMHO the memory leak is in the same functions this is patching.
> For example, in ip/link_gre.c:122 we are effectively returning after
> having answer allocated correctly by rtnl_talk().
> 
> The confusion here stems from the fact we are jumping into the error
> path of rtnl_talk() after rtnl_talk() executed fine.
> 


So looks like a GRE etc bug introduced by the change to parsing.
Should add:

Fixes: a066cc6623e1 ("gre/gre6: Unify local/remote endpoint address parsing")
Cc: serhe.popovych@gmail.com

next prev parent reply	other threads:[~2023-11-17  3:31 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-11-14  9:24 [PATCH] iproute2: prevent memory leak heminhong
2023-11-15  0:36 ` Stephen Hemminger
2023-11-15  2:37   ` [PATCH v2] " heminhong
2023-11-15  3:32     ` Florian Westphal
2023-11-15  3:33     ` Stephen Hemminger
2023-11-15  7:56       ` [PATCH v3] " heminhong
2023-11-15 10:23         ` Petr Machata
2023-11-16  3:13           ` [PATCH v4] " heminhong
2023-11-16 12:04             ` Andrea Claudi
2023-11-16 23:05             ` Stephen Hemminger
2023-11-17  0:45               ` Andrea Claudi
2023-11-17  3:31                 ` Stephen Hemminger [this message]
2023-11-17 17:20             ` patchwork-bot+netdevbpf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231116193109.37ef55b8@hermes.local \
    --to=stephen@networkplumber.org \
    --cc=aclaudi@redhat.com \
    --cc=heminhong@kylinos.cn \
    --cc=netdev@vger.kernel.org \
    --cc=petrm@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.