Commit 493e2428 authored by Jesper Juhl's avatar Jesper Juhl Committed by David S. Miller

[NETFILTER]: Fix memory leak in ipt_recent

The Coverity checker spotted that we may leak 'hold' in
net/ipv4/netfilter/ipt_recent.c::checkentry() when the following
is true:
  if (!curr_table->status_proc) {
    ...
    if(!curr_table) {
    ...
      return 0;  <-- here we leak.
Simply moving an existing vfree(hold); up a bit avoids the possible leak.
Signed-off-by: default avatarJesper Juhl <jesper.juhl@gmail.com>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent a54c9d30
...@@ -821,6 +821,7 @@ checkentry(const char *tablename, ...@@ -821,6 +821,7 @@ checkentry(const char *tablename,
/* Create our proc 'status' entry. */ /* Create our proc 'status' entry. */
curr_table->status_proc = create_proc_entry(curr_table->name, ip_list_perms, proc_net_ipt_recent); curr_table->status_proc = create_proc_entry(curr_table->name, ip_list_perms, proc_net_ipt_recent);
if (!curr_table->status_proc) { if (!curr_table->status_proc) {
vfree(hold);
printk(KERN_INFO RECENT_NAME ": checkentry: unable to allocate for /proc entry.\n"); printk(KERN_INFO RECENT_NAME ": checkentry: unable to allocate for /proc entry.\n");
/* Destroy the created table */ /* Destroy the created table */
spin_lock_bh(&recent_lock); spin_lock_bh(&recent_lock);
...@@ -845,7 +846,6 @@ checkentry(const char *tablename, ...@@ -845,7 +846,6 @@ checkentry(const char *tablename,
spin_unlock_bh(&recent_lock); spin_unlock_bh(&recent_lock);
vfree(curr_table->time_info); vfree(curr_table->time_info);
vfree(curr_table->hash_table); vfree(curr_table->hash_table);
vfree(hold);
vfree(curr_table->table); vfree(curr_table->table);
vfree(curr_table); vfree(curr_table);
return 0; return 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment