Message ID | 20200116100931.ot2ef4jvsw4ldye2@kili.mountain |
---|---|
State | Awaiting Upstream |
Delegated to: | David Miller |
Series | netfilter: nf_tables: fix memory leak in nf_tables_parse_netdev_hooks() |

Dan Carpenter <dan.carpenter@oracle.com> wrote:
> Syzbot detected a leak in nf_tables_parse_netdev_hooks(). If the hook
> already exists, then the error handling doesn't free the newest "hook".

Thanks.

Reviewed-by: Florian Westphal <fw@strlen.de>

On Thu, Jan 16, 2020 at 01:09:31PM +0300, Dan Carpenter wrote:
> Syzbot detected a leak in nf_tables_parse_netdev_hooks(). If the hook
> already exists, then the error handling doesn't free the newest "hook".

Applied, thanks.

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 273f3838318b..7728e9fd5de4 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -1676,6 +1676,7 @@ static int nf_tables_parse_netdev_hooks(struct net *net, goto err_hook; } if (nft_hook_list_find(hook_list, hook)) { + kfree(hook); err = -EEXIST; goto err_hook; }
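
Review bot: In the nft_hook_list_find() branch, the added kfree(hook) is only correct as long as hook has not yet been linked into hook_list at this point, and the hunk shows neither the allocation nor what the err_hook label releases. A one-line comment here stating that hook is not yet on the list, so err_hook cannot free it, would guard against a later reordering turning this into a double free. It is also worth confirming that a plain kfree() matches how hook was allocated earlier in the function.
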
Syzbot detected a leak in nf_tables_parse_netdev_hooks(). If the hook
already exists, then the error handling doesn't free the newest "hook".

Reported-by: syzbot+f9d4095107fc8749c69c@syzkaller.appspotmail.com
Fixes: b75a3e8371bc ("netfilter: nf_tables: allow netdevice to be used only once per flowtable")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
---
 net/netfilter/nf_tables_api.c | 1 +
 1 file changed, 1 insertion(+)