Looking at the changes introduced in the commit below, we seem toSadly, after nearly 30 years (1982-2010) we've just closed our last X.25 line so I can no longer test this.
introduce an skb leak when a packet with bad facilities are present:
commit a6331d6f9a4298173b413cf99a40cc86a9d92c37
Author: andrew hendry<andrew.hendry@xxxxxxxxx>
Date: Wed Nov 3 12:54:53 2010 +0000
memory corruption in X.25 facilities parsing
If I am understanding things correctly then we trigger a -1 return to
the main packet dispatch loop, this being non-zero implies that we have
requeued the skb and it should not be freed. As it was not requeued,
I believe the skb is no longer referenced and then is leaked.
Perhaps someone better aquainted with this code could review my analysis
in the patch leader below. If accurate I believe we need the patch below
to resolve this. If it is not then I suspect a comment is required on
the -1 return.
Thoughts?