Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-13 01:08:50 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

netfilter: nf_tables: fix memory leak in nf_tables_parse_netdev_hooks()

Browse Source 
Syzbot detected a leak in nf_tables_parse_netdev_hooks().  If the hook
already exists, then the error handling doesn't free the newest "hook".

Reported-by: syzbot+f9d4095107fc8749c69c@syzkaller.appspotmail.com
Fixes: b75a3e8371bc ("netfilter: nf_tables: allow netdevice to be used only once per flowtable")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Dan Carpenter 2020-01-16 13:09:31 +03:00 committed by Pablo Neira Ayuso
parent 9332d27d79
commit cd77e75b5e
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
net/netfilter/nf_tables_api.c
View File

@ -1680,6 +1680,7 @@ static int nf_tables_parse_netdev_hooks(struct net *net,
goto err_hook;
}
if (nft_hook_list_find(hook_list, hook)) {
kfree(hook);
err = -EEXIST;
goto err_hook;
}