releases/4.9.72/netfilter-nfnl_cthelper-fix-memory-leak.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From foo@baz Thu Dec 21 09:02:40 CET 2017
 From: Jeffy Chen <jeffy.chen@rock-chips.com>
 Date: Tue, 21 Mar 2017 15:07:10 +0800
 Subject: netfilter: nfnl_cthelper: Fix memory leak

 From: Jeffy Chen <jeffy.chen@rock-chips.com>


 [ Upstream commit f83bf8da1135ca635aac8f062cad3f001fcf3a26 ]

 We have memory leaks of nf_conntrack_helper & expect_policy.

 Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
  net/netfilter/nfnetlink_cthelper.c |   12 +++++++++---
  1 file changed, 9 insertions(+), 3 deletions(-)

 --- a/net/netfilter/nfnetlink_cthelper.c
 +++ b/net/netfilter/nfnetlink_cthelper.c
 @@ -216,7 +216,7 @@ nfnl_cthelper_create(const struct nlattr

  	ret = nfnl_cthelper_parse_expect_policy(helper, tb[NFCTH_POLICY]);
  	if (ret < 0)
 -		goto err;
 +		goto err1;

  	strncpy(helper->name, nla_data(tb[NFCTH_NAME]), NF_CT_HELPER_NAME_LEN);
  	helper->data_len = ntohl(nla_get_be32(tb[NFCTH_PRIV_DATA_LEN]));
 @@ -247,10 +247,12 @@ nfnl_cthelper_create(const struct nlattr

  	ret = nf_conntrack_helper_register(helper);
  	if (ret < 0)
 -		goto err;
 +		goto err2;

  	return 0;
 -err:
 +err2:
 +	kfree(helper->expect_policy);
 +err1:
  	kfree(helper);
  	return ret;
  }
 @@ -696,6 +698,8 @@ static int nfnl_cthelper_del(struct net

  			found = true;
  			nf_conntrack_helper_unregister(cur);
 +			kfree(cur->expect_policy);
 +			kfree(cur);
  		}
  	}
  	/* Make sure we return success if we flush and there is no helpers */
 @@ -759,6 +763,8 @@ static void __exit nfnl_cthelper_exit(vo
  				continue;

  			nf_conntrack_helper_unregister(cur);
 +			kfree(cur->expect_policy);
 +			kfree(cur);
  		}
  	}
  }
	From foo@baz Thu Dec 21 09:02:40 CET 2017
	From: Jeffy Chen <jeffy.chen@rock-chips.com>
	Date: Tue, 21 Mar 2017 15:07:10 +0800
	Subject: netfilter: nfnl_cthelper: Fix memory leak

	From: Jeffy Chen <jeffy.chen@rock-chips.com>


	[ Upstream commit f83bf8da1135ca635aac8f062cad3f001fcf3a26 ]

	We have memory leaks of nf_conntrack_helper & expect_policy.

	Signed-off-by: Jeffy Chen <jeffy.chen@rock-chips.com>
	Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
	Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	---
	net/netfilter/nfnetlink_cthelper.c \| 12 +++++++++---
	1 file changed, 9 insertions(+), 3 deletions(-)

	--- a/net/netfilter/nfnetlink_cthelper.c
	+++ b/net/netfilter/nfnetlink_cthelper.c
	@@ -216,7 +216,7 @@ nfnl_cthelper_create(const struct nlattr

	ret = nfnl_cthelper_parse_expect_policy(helper, tb[NFCTH_POLICY]);
	if (ret < 0)
	- goto err;
	+ goto err1;

	strncpy(helper->name, nla_data(tb[NFCTH_NAME]), NF_CT_HELPER_NAME_LEN);
	helper->data_len = ntohl(nla_get_be32(tb[NFCTH_PRIV_DATA_LEN]));
	@@ -247,10 +247,12 @@ nfnl_cthelper_create(const struct nlattr

	ret = nf_conntrack_helper_register(helper);
	if (ret < 0)
	- goto err;
	+ goto err2;

	return 0;
	-err:
	+err2:
	+ kfree(helper->expect_policy);
	+err1:
	kfree(helper);
	return ret;
	}
	@@ -696,6 +698,8 @@ static int nfnl_cthelper_del(struct net

	found = true;
	nf_conntrack_helper_unregister(cur);
	+ kfree(cur->expect_policy);
	+ kfree(cur);
	}
	}
	/* Make sure we return success if we flush and there is no helpers */
	@@ -759,6 +763,8 @@ static void __exit nfnl_cthelper_exit(vo
	continue;

	nf_conntrack_helper_unregister(cur);
	+ kfree(cur->expect_policy);
	+ kfree(cur);
	}
	}
	}