[PATCH 2/2] net: cipso: fix memory leak in cipso_v4_doi_free
Pavel Skripkin
paskripkin at gmail.com
Sat Jul 10 07:40:52 UTC 2021
On Sat, 10 Jul 2021 15:29:19 +0800
Dongliang Mu <mudongliangabcd at gmail.com> wrote:
> On Sat, Jul 10, 2021 at 3:10 PM Pavel Skripkin <paskripkin at gmail.com>
> wrote:
> >
> > When doi_def->type == CIPSO_V4_MAP_TRANS doi_def->map.std should
> > be freed to avoid memory leak.
> >
> > Fail log:
> >
> > BUG: memory leak
> > unreferenced object 0xffff88801b936d00 (size 64):
> > comm "a.out", pid 8478, jiffies 4295042353 (age 15.260s)
> > hex dump (first 32 bytes):
> > 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > 00 00 00 00 15 b8 12 26 00 00 00 00 00 00 00 00 .......&........
> > backtrace:
> > netlbl_cipsov4_add (net/netlabel/netlabel_cipso_v4.c:145
> > net/netlabel/netlabel_cipso_v4.c:416) genl_family_rcv_msg_doit
> > (net/netlink/genetlink.c:741) genl_rcv_msg
> > (net/netlink/genetlink.c:783 net/netlink/genetlink.c:800)
> > netlink_rcv_skb (net/netlink/af_netlink.c:2505) genl_rcv
> > (net/netlink/genetlink.c:813)
> >
> > Fixes: b1edeb102397 ("netlabel: Replace protocol/NetLabel linking
> > with refrerence counts")
> > Signed-off-by: Pavel Skripkin <paskripkin at gmail.com>
> > ---
> > net/ipv4/cipso_ipv4.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c
> > index bfaf327e9d12..e0480c6cebaa 100644
> > --- a/net/ipv4/cipso_ipv4.c
> > +++ b/net/ipv4/cipso_ipv4.c
> > @@ -472,6 +472,7 @@ void cipso_v4_doi_free(struct cipso_v4_doi
> > *doi_def) kfree(doi_def->map.std->lvl.local);
> > kfree(doi_def->map.std->cat.cipso);
> > kfree(doi_def->map.std->cat.local);
> > + kfree(doi_def->map.std);
> > break;
> > }
> > kfree(doi_def);
> > --
>
> Hi Paval,
>
> this patch is already merged by Paul. See [1] for more details.
>
> [1]
> https://lore.kernel.org/netdev/CAHC9VhQZVOmy7n14nTSRGHzwN-y=E_JTUP+NpRCgD8rJN5sOGA@mail.gmail.com/T/
>
Hi, Dongliang!
Thank you for the information. I'm wondering, can maintainer pick only 1
patch from series, or I should send v2?
With regards,
Pavel Skripkin
More information about the Linux-security-module-archive
mailing list