diff options
| author |   Liping Zhang <liping.zhang@spreadtrum.com> | 2016-08-08 22:03:40 +0800 |
|---|---|---|
| committer |   Pablo Neira Ayuso <pablo@netfilter.org> | 2016-08-09 10:39:25 +0200 |
| commit | b18bcb0019cf57a3db0917b77e65c29bd9b00f54 (patch) | |
| tree | e4953f2cfc6e10c6c7a19b0f02bef6eb951e367b /net | |
| parent | netfilter: nf_ct_expect: remove the redundant slash when policy name is empty (diff) | |
| download | linux-dev-b18bcb0019cf57a3db0917b77e65c29bd9b00f54.tar.xz linux-dev-b18bcb0019cf57a3db0917b77e65c29bd9b00f54.zip | |
netfilter: nfnetlink_queue: fix memory leak when attach expectation successfully
User can use NFQA_EXP to attach expectations to conntracks, but we
forget to put back nf_conntrack_expect when it is inserted successfully,
i.e. in this normal case, expect's use refcnt will be 3. So even we
unlink it and put it back later, the use refcnt is still 1, then the
memory will be leaked forever.
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 050bb3420a6b..b9bfe64e232c 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -2362,12 +2362,8 @@ ctnetlink_glue_attach_expect(const struct nlattr *attr, struct nf_conn *ct, return PTR_ERR(exp); err = nf_ct_expect_related_report(exp, portid, report); - if (err < 0) { - nf_ct_expect_put(exp); - return err; - } - - return 0; + nf_ct_expect_put(exp); + return err; } static void ctnetlink_glue_seqadj(struct sk_buff *skb, struct nf_conn *ct, |