[PATCH] nfnetlink_log: fix silly refcount leak

[PATCH] nfnetlink_log: fix silly refcount leak

[Alexey Dobriyan]

Quick fix for memory/module refcount leak.
Reference count of listener instance never reaches 0.

Start/stop of ulogd2 is enough to trigger this bug!

Now, refcounting there looks very fishy in particular this code:

 	if (!try_module_get(THIS_MODULE)) {
		...

and creation of listener instance with refcount 2,
so it may very well be ripped and redone. :-)

Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
---

 net/netfilter/nfnetlink_log.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -784,7 +784,7 @@ nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb,
 			}
 
 			instance_destroy(inst);
-			goto out;
+			goto out_put;
 		default:
 			ret = -ENOTSUPP;
 			break;

Re: [PATCH] nfnetlink_log: fix silly refcount leak

[Patrick McHardy]

Alexey Dobriyan wrote:
> Quick fix for memory/module refcount leak.
> Reference count of listener instance never reaches 0.
> 
> Start/stop of ulogd2 is enough to trigger this bug!
> 
> Now, refcounting there looks very fishy in particular this code:
> 
>  	if (!try_module_get(THIS_MODULE)) {
> 		...
> 
> and creation of listener instance with refcount 2,
> so it may very well be ripped and redone. :-)

Applied, thanks Alexey.