[PATCH RESEND] memory leak in ndisc_router_discovery

• Next message: Andreani Stefano: "Kernel bug handling TCP_RTO_MAX?"
• Previous message: Bryan O'Sullivan: "Re: using 2 TB in real life"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I had sent this earlier, there is a bug in router advertisement handling code,
where the reference (and memory) to an inet6_dev pointer can get leaked (this
leak can happen atmost once for each interface on a system which receives
invalid RA's). Below is the patch against 2.5.51 to fix it.

thanks,

- KK

-------------------------------------------------------------------------------
diff -ruN linux.org/net/ipv6/ndisc.c linux/net/ipv6/ndisc.c
--- linux.org/net/ipv6/ndisc.c Fri Nov 7 10:02:11 2002
+++ linux/net/ipv6/ndisc.c Fri Nov 8 14:37:27 2002
@@ -871,6 +871,7 @@
         }
 
         if (!ndisc_parse_options(opt, optlen, &ndopts)) {
+ in6_dev_put(in6_dev);
                 if (net_ratelimit())
                         ND_PRINTK2(KERN_WARNING
                                    "ICMP6 RA: invalid ND option, ignored.\n");
-------------------------------------------------------------------------------
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Andreani Stefano: "Kernel bug handling TCP_RTO_MAX?"
• Previous message: Bryan O'Sullivan: "Re: using 2 TB in real life"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Dec 15 2002 - 22:00:25 EST