diff options
| author | Jesper Nilsson <jesper.nilsson@axis.com> | 2009-03-27 00:17:45 -0700 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2009-05-02 10:23:51 -0700 |
| commit | d1a2496e6da4dc33279e9037b58c397cb5d19436 (patch) | |
| tree | d42f1618993792590d16935c446af2c4963aa441 /net/sctp/debug.c | |
| parent | 85eb5c9c29cfa13327464846933f9a23330ab935 (diff) | |
ipv6: Plug sk_buff leak in ipv6_rcv (net/ipv6/ip6_input.c)
[ Upstream commit 71f6f6dfdf7c7a67462386d9ea05c1095a89c555 ]
Commit 778d80be52699596bf70e0eb0761cf5e1e46088d
(ipv6: Add disable_ipv6 sysctl to disable IPv6 operaion on specific interface)
seems to have introduced a leak of sk_buff's for ipv6 traffic,
at least in some configurations where idev is NULL, or when ipv6
is disabled via sysctl.
The problem is that if the first condition of the if-statement
returns non-NULL, it returns an skb with only one reference,
and when the other conditions apply, execution jumps to the "out"
label, which does not call kfree_skb for it.
To plug this leak, change to use the "drop" label instead.
(this relies on it being ok to call kfree_skb on NULL)
This also allows us to avoid calling rcu_read_unlock here,
and removes the only user of the "out" label.
Signed-off-by: Jesper Nilsson <jesper.nilsson@axis.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'net/sctp/debug.c')
0 files changed, 0 insertions, 0 deletions