diff mbox

[nf] netfilter: nf_tables: fix memory leak if expr init fails

Message ID 1466428305-58285-1-git-send-email-zlpnobody@163.com
State Accepted
Delegated to: Pablo Neira
Headers show

Commit Message

Liping Zhang June 20, 2016, 1:11 p.m. UTC 
From: Liping Zhang <liping.zhang@spreadtrum.com>

If expr init fails then we need to free it.

So when the user add a nft rule as follows:
  # nft add rule filter input tcp dport 22 flow table ssh \
    { ip saddr limit rate 0/second }
memory leak will happen.

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
---
 net/netfilter/nf_tables_api.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Comments

Pablo Neira Ayuso June 23, 2016, 11:03 a.m. UTC | #1 
On Mon, Jun 20, 2016 at 09:11:45PM +0800, Liping Zhang wrote:
> From: Liping Zhang <liping.zhang@spreadtrum.com>
> 
> If expr init fails then we need to free it.
> 
> So when the user add a nft rule as follows:
>   # nft add rule filter input tcp dport 22 flow table ssh \
>     { ip saddr limit rate 0/second }
> memory leak will happen.

Applied to nf, thanks!
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 2c88187..cf7c745 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -1724,9 +1724,11 @@  struct nft_expr *nft_expr_init(const struct nft_ctx *ctx,
 
 	err = nf_tables_newexpr(ctx, &info, expr);
 	if (err < 0)
-		goto err2;
+		goto err3;
 
 	return expr;
+err3:
+	kfree(expr);
 err2:
 	module_put(info.ops->type->owner);
 err1: