| From 96f89cda291e0e047df5f8efb954fb5853697bea Mon Sep 17 00:00:00 2001 |
| From: Navid Emamdoost <navid.emamdoost@gmail.com> |
| Date: Fri, 22 Nov 2019 16:17:56 -0600 |
| Subject: [PATCH] sctp: Fix memory leak in sctp_sf_do_5_2_4_dupcook |
| |
| commit b6631c6031c746ed004c4221ec0616d7a520f441 upstream. |
| |
| In the implementation of sctp_sf_do_5_2_4_dupcook() the allocated |
| new_asoc is leaked if security_sctp_assoc_request() fails. Release it |
| via sctp_association_free(). |
| |
| Fixes: 2277c7cd75e3 ("sctp: Add LSM hooks") |
| Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com> |
| Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com> |
| Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com> |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c |
| index 2c244b29a199..9eeea0d8e4cf 100644 |
| --- a/net/sctp/sm_statefuns.c |
| +++ b/net/sctp/sm_statefuns.c |
| @@ -2160,8 +2160,10 @@ enum sctp_disposition sctp_sf_do_5_2_4_dupcook( |
| |
| /* Update socket peer label if first association. */ |
| if (security_sctp_assoc_request((struct sctp_endpoint *)ep, |
| - chunk->skb)) |
| + chunk->skb)) { |
| + sctp_association_free(new_asoc); |
| return sctp_sf_pdiscard(net, ep, asoc, type, arg, commands); |
| + } |
| |
| /* Set temp so that it won't be added into hashtable */ |
| new_asoc->temp = 1; |
| -- |
| 2.7.4 |
| |
