| From foo@baz Thu Dec 21 09:02:40 CET 2017 |
| From: Jeffy Chen <jeffy.chen@rock-chips.com> |
| Date: Tue, 21 Mar 2017 15:07:10 +0800 |
| Subject: netfilter: nfnl_cthelper: Fix memory leak |
| |
| From: Jeffy Chen <jeffy.chen@rock-chips.com> |
| |
| |
| [ Upstream commit f83bf8da1135ca635aac8f062cad3f001fcf3a26 ] |
| |
| We have memory leaks of nf_conntrack_helper & expect_policy. |
| |
| Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com> |
| Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> |
| Signed-off-by: Sasha Levin <alexander.levin@verizon.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/netfilter/nfnetlink_cthelper.c | 12 +++++++++--- |
| 1 file changed, 9 insertions(+), 3 deletions(-) |
| |
| --- a/net/netfilter/nfnetlink_cthelper.c |
| +++ b/net/netfilter/nfnetlink_cthelper.c |
| @@ -216,7 +216,7 @@ nfnl_cthelper_create(const struct nlattr |
| |
| ret = nfnl_cthelper_parse_expect_policy(helper, tb[NFCTH_POLICY]); |
| if (ret < 0) |
| - goto err; |
| + goto err1; |
| |
| strncpy(helper->name, nla_data(tb[NFCTH_NAME]), NF_CT_HELPER_NAME_LEN); |
| helper->data_len = ntohl(nla_get_be32(tb[NFCTH_PRIV_DATA_LEN])); |
| @@ -247,10 +247,12 @@ nfnl_cthelper_create(const struct nlattr |
| |
| ret = nf_conntrack_helper_register(helper); |
| if (ret < 0) |
| - goto err; |
| + goto err2; |
| |
| return 0; |
| -err: |
| +err2: |
| + kfree(helper->expect_policy); |
| +err1: |
| kfree(helper); |
| return ret; |
| } |
| @@ -696,6 +698,8 @@ static int nfnl_cthelper_del(struct net |
| |
| found = true; |
| nf_conntrack_helper_unregister(cur); |
| + kfree(cur->expect_policy); |
| + kfree(cur); |
| } |
| } |
| /* Make sure we return success if we flush and there is no helpers */ |
| @@ -759,6 +763,8 @@ static void __exit nfnl_cthelper_exit(vo |
| continue; |
| |
| nf_conntrack_helper_unregister(cur); |
| + kfree(cur->expect_policy); |
| + kfree(cur); |
| } |
| } |
| } |