Re: [PATCH] fix mem-leak in netfilter
From: Stephen Frost
Date: Mon May 15 2006 - 16:44:54 EST
* Patrick McHardy (kaber@xxxxxxxxx) wrote:
> This is the updated patch, it changes the eviction strategy
> to LRU and fixes a bug related to TTL handling, the TTL stored
> in the entry should only be overwritten if the IPT_RECENT_TTL
> flag is set.
This looks like least-recently-added as opposed to least-recently-used
(or, really, least-recently-updated). Not sure how you move an entry in
the lru list (perhaps just delete/add?) but I'm pretty sure
recent_entry_update() needs to be modified to move the updated entry to
the end of the list for correct operation.
You also don't appear to check if 't' (the table following the
recent_table_lookup() call) is valid in the 'match' (around
line 191). recent_entry_lookup() doesn't check that either. It seems
like you should be guarenteed to always get a table back but it might be
prudent to check anyway.
I thought that I had convinced myself that the TTL handling was okay and
that where it was overwritten wasn't harmful. Oh well.
Thanks,
Stephen
Attachment:
signature.asc
Description: Digital signature