Re: [PATCH 3/3] netfilter: xt_CT: remove a compile warning

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: netdev@vger.kernel.org
Subject: Re: [PATCH 3/3] netfilter: xt_CT: remove a compile warning
Date: Tue, 3 Apr 2012 16:52:10 +0200	[thread overview]
Message-ID: <20120403145210.GA31196@1984> (raw)
In-Reply-To: <201204032328.CDE78687.tQOHSLVFOFMJOF@I-love.SAKURA.ne.jp>

[-- Attachment #1: Type: text/plain, Size: 1288 bytes --]

On Tue, Apr 03, 2012 at 11:28:50PM +0900, Tetsuo Handa wrote:
> Pablo Neira Ayuso wrote:
> > A bit better patch, no need to hold rcu_read_lock again in
> > xt_ct_tg_timeout_put (even if that doesn't harm).
> 
> Patch looks OK.
> 
> By the way,
> 
> 665 static struct nf_conn *
> 666 __nf_conntrack_alloc(struct net *net, u16 zone,
> 667                      const struct nf_conntrack_tuple *orig,
> 668                      const struct nf_conntrack_tuple *repl,
> 669                      gfp_t gfp, u32 hash)
> 670 {
> (...snipped...)
> 680         atomic_inc(&net->ct.count);
> (...snipped...)
> 698         ct = kmem_cache_alloc(net->ct.nf_conntrack_cachep, gfp);
> 699         if (ct == NULL) {
> 700                 atomic_dec(&net->ct.count);
> 701                 return ERR_PTR(-ENOMEM);
> 702         }
> (...snipped...)
> 720         if (zone) {
> 721                 struct nf_conntrack_zone *nf_ct_zone;
> 722 
> 723                 nf_ct_zone = nf_ct_ext_add(ct, NF_CT_EXT_ZONE, GFP_ATOMIC);
> 724                 if (!nf_ct_zone)
> 725                         goto out_free;
> 726                 nf_ct_zone->id = zone;
> 727         }
> (...snipped...)
> 737 out_free:
> 
> I think we want to call atomic_dec() here.

Good catch :-).

Patch to address this issue follows.

[-- Attachment #2: 0001-netfilter-nf_conntrack-fix-count-leak-in-error-path-.patch --]
[-- Type: text/x-diff, Size: 991 bytes --]

>From 0fca4d604c0898128014bc03ef965e0cf187a5e9 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 3 Apr 2012 16:45:54 +0200
Subject: [PATCH] netfilter: nf_conntrack: fix count leak in error path of __nf_conntrack_alloc

We have to decrement the conntrack counter if we fail to access the
zone extension.

Reported-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 net/netfilter/nf_conntrack_core.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index cbdb754..3cc4487 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -735,6 +735,7 @@ __nf_conntrack_alloc(struct net *net, u16 zone,
 
 #ifdef CONFIG_NF_CONNTRACK_ZONES
 out_free:
+	atomic_dec(&net->ct.count);
 	kmem_cache_free(net->ct.nf_conntrack_cachep, ct);
 	return ERR_PTR(-ENOMEM);
 #endif
-- 
1.7.2.5

next prev parent reply	other threads:[~2012-04-03 14:52 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-04-03 10:13 [PATCH 0/3] netfilter fixes for 3.4-rc1 pablo
2012-04-03 10:13 ` [PATCH 1/3] netfilter: xt_LOG: don't use xchg() for simple assignment pablo
2012-04-03 10:13 ` [PATCH 2/3] netfilter: ipset: avoid use of kernel-only types pablo
2012-04-03 10:13 ` [PATCH 3/3] netfilter: xt_CT: remove a compile warning pablo
2012-04-03 10:27   ` Tetsuo Handa
2012-04-03 10:31     ` Pablo Neira Ayuso
2012-04-03 10:39     ` Pablo Neira Ayuso
2012-04-03 23:17       ` David Miller
2012-04-03 11:48     ` Tetsuo Handa
2012-04-03 12:09       ` Pablo Neira Ayuso
2012-04-03 12:28         ` Tetsuo Handa
2012-04-03 12:57           ` Pablo Neira Ayuso
2012-04-03 13:06             ` Pablo Neira Ayuso
2012-04-03 14:28               ` Tetsuo Handa
2012-04-03 14:52                 ` Pablo Neira Ayuso [this message]
2012-04-03 23:21                   ` David Miller
2012-04-03 23:20               ` David Miller

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:cbdb754 dfblob:3cc4487 )
 OR (
bs:"netfilter: nf_conntrack: fix count leak in error path of __nf_conntrack_alloc" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20120403145210.GA31196@1984 \
    --to=pablo@netfilter.org \
    --cc=netdev@vger.kernel.org \
    --cc=penguin-kernel@I-love.SAKURA.ne.jp \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).