From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Ahern Subject: Re: [net-next][PATCH] net/ipv4: fix a net leak Date: Thu, 25 Oct 2018 12:46:14 -0600 Message-ID: <6b3baf53-3004-abac-ab49-9b2454858686@gmail.com> References: <1540373788-15078-1-git-send-email-lirongqing@baidu.com> <92af7409-6154-eb85-7d2f-56f5288b8894@gmail.com> <87lg6l7tq2.fsf@miraculix.mork.no> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Cc: Li RongQing , netdev@vger.kernel.org, David Miller To: =?UTF-8?Q?Bj=c3=b8rn_Mork?= Return-path: Received: from mail-pl1-f196.google.com ([209.85.214.196]:44735 "EHLO mail-pl1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727400AbeJZDUN (ORCPT ); Thu, 25 Oct 2018 23:20:13 -0400 Received: by mail-pl1-f196.google.com with SMTP id d23-v6so4249921pls.11 for ; Thu, 25 Oct 2018 11:46:17 -0700 (PDT) In-Reply-To: <87lg6l7tq2.fsf@miraculix.mork.no> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: On 10/25/18 12:43 PM, Bjørn Mork wrote: > > inet_valid_dump_ifaddr_req() will bail out with an error, but only > *after* setting fillargs->netnsid: > > if (i == IFA_TARGET_NETNSID) { > struct net *net; > > fillargs->netnsid = nla_get_s32(tb[i]); > > net = rtnl_get_net_ns_capable(sk, fillargs->netnsid); > if (IS_ERR(net)) { > NL_SET_ERR_MSG(extack, "ipv4: Invalid target network namespace id"); > return PTR_ERR(net); > } > *tgt_net = net; > } else { > > > > So inet_dump_ifaddr() ends up doing put_net(tgt_net): > > > err = inet_valid_dump_ifaddr_req(nlh, &fillargs, &tgt_net, > skb->sk, cb); > if (err < 0) > goto put_tgt_net; > .. > put_tgt_net: > if (fillargs.netnsid >= 0) > put_net(tgt_net); > > > > I believe you should set fillargs->netnsid back to -1 in the > inet_valid_dump_ifaddr_req() error path, or use a temp variable to avoid > changing it unless get_net is successful. good point. either use of an intermediate or resetting nsid on failure. Will you send a patch to fix ipv4 and v6? Thanks,