netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH][RESEND] netfilter: ipv6: fix afinfo->route refcnt leak on error
@ 2011-10-19 11:23 Florian Westphal
  2011-10-20 10:28 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Florian Westphal @ 2011-10-19 11:23 UTC (permalink / raw)
  To: netfilter-devel

Several callers (h323 conntrack, xt_addrtype) assume that the
returned **dst only needs to be released if the function returns 0.

This is true for the ipv4 implementation, but not for the ipv6 one.

Instead of changing the users, change the ipv6 implementation
to behave like the ipv4 version by only providing the dst_entry result
in the success case.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 net/ipv6/netfilter.c |   13 ++++++++++---
 1 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/net/ipv6/netfilter.c b/net/ipv6/netfilter.c
index 30fcee4..8992cf6 100644
--- a/net/ipv6/netfilter.c
+++ b/net/ipv6/netfilter.c
@@ -100,9 +100,16 @@ static int nf_ip6_route(struct net *net, struct dst_entry **dst,
 		.pinet6 = (struct ipv6_pinfo *) &fake_pinfo,
 	};
 	const void *sk = strict ? &fake_sk : NULL;
-
-	*dst = ip6_route_output(net, sk, &fl->u.ip6);
-	return (*dst)->error;
+	struct dst_entry *result;
+	int err;
+
+	result = ip6_route_output(net, sk, &fl->u.ip6);
+	err = result->error;
+	if (err)
+		dst_release(result);
+	else
+		*dst = result;
+	return err;
 }
 
 __sum16 nf_ip6_checksum(struct sk_buff *skb, unsigned int hook,
-- 
1.7.3.4


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH][RESEND] netfilter: ipv6: fix afinfo->route refcnt leak on error
  2011-10-19 11:23 [PATCH][RESEND] netfilter: ipv6: fix afinfo->route refcnt leak on error Florian Westphal
@ 2011-10-20 10:28 ` Pablo Neira Ayuso
  0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2011-10-20 10:28 UTC (permalink / raw)
  To: Florian Westphal; +Cc: netfilter-devel

On Wed, Oct 19, 2011 at 01:23:06PM +0200, Florian Westphal wrote:
> Several callers (h323 conntrack, xt_addrtype) assume that the
> returned **dst only needs to be released if the function returns 0.
> 
> This is true for the ipv4 implementation, but not for the ipv6 one.
> 
> Instead of changing the users, change the ipv6 implementation
> to behave like the ipv4 version by only providing the dst_entry result
> in the success case.

Indeed, we're leaking refcounts of template routes defined in
net/ipv6/route.c

I have applied this patch to my nf branch:

http://1984.lsi.us.es/git/?p=net/.git;a=shortlog;h=refs/heads/nf

Thanks Florian.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-10-20 10:28 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-10-19 11:23 [PATCH][RESEND] netfilter: ipv6: fix afinfo->route refcnt leak on error Florian Westphal
2011-10-20 10:28 ` Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).