[GIT PULL] Second Round of IPVS Fixes for v3.20

[GIT PULL] Second Round of IPVS Fixes for v3.20

[Simon Horman]

Hi Pablo,

please consider this fix for v3.20.

This patch resolves some memory leaks in connection
synchronisation code that date back to v2.6.39.


The following changes since commit 78296c97ca1fd3b104f12e1f1fbc06c46635990b:

  netfilter: xt_socket: fix a stack corruption bug (2015-02-16 17:00:48 +0100)

are available in the git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs.git tags/ipvs-fixes2-for-v3.20

for you to fetch changes up to 528c943f3bb919aef75ab2fff4f00176f09a4019:

  ipvs: add missing ip_vs_pe_put in sync code (2015-02-22 16:16:36 -0500)

----------------------------------------------------------------
Julian Anastasov (1):
      ipvs: add missing ip_vs_pe_put in sync code

 net/netfilter/ipvs/ip_vs_sync.c | 3 +++
 1 file changed, 3 insertions(+)

[PATCH] ipvs: add missing ip_vs_pe_put in sync code

[Simon Horman]

From: Julian Anastasov <ja@ssi.bg>

ip_vs_conn_fill_param_sync() gets in param.pe a module
reference for persistence engine from __ip_vs_pe_getbyname()
but forgets to put it. Problem occurs in backup for
sync protocol v1 (2.6.39).

Also, pe_data usually comes in sync messages for
connection templates and ip_vs_conn_new() copies
the pointer only in this case. Make sure pe_data
is not leaked if it comes unexpectedly for normal
connections. Leak can happen only if bogus messages
are sent to backup server.

Fixes: fe5e7a1efb66 ("IPVS: Backup, Adding Version 1 receive capability")
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
---
 net/netfilter/ipvs/ip_vs_sync.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index c47ffd7..d93ceeb 100644
--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -896,6 +896,8 @@ static void ip_vs_proc_conn(struct net *net, struct ip_vs_conn_param *param,
 			IP_VS_DBG(2, "BACKUP, add new conn. failed\n");
 			return;
 		}
+		if (!(flags & IP_VS_CONN_F_TEMPLATE))
+			kfree(param->pe_data);
 	}
 
 	if (opt)
@@ -1169,6 +1171,7 @@ static inline int ip_vs_proc_sync_conn(struct net *net, __u8 *p, __u8 *msg_end)
 				(opt_flags & IPVS_OPT_F_SEQ_DATA ? &opt : NULL)
 				);
 #endif
+	ip_vs_pe_put(param.pe);
 	return 0;
 	/* Error exit */
 out:
-- 
2.1.4

Re: [GIT PULL] Second Round of IPVS Fixes for v3.20

[Pablo Neira Ayuso]

On Sun, Feb 22, 2015 at 04:24:59PM -0500, Simon Horman wrote:
> Hi Pablo,
> 
> please consider this fix for v3.20.
> 
> This patch resolves some memory leaks in connection
> synchronisation code that date back to v2.6.39.

Pulled, thanks.

Applied cleanly starting 3.10 here.