2017-12-14 15:25:17

by Haishuang Yan

Subject: [PATCH 1/2] ip_gre: fix potential memory leak in erspan_rcv

If md is NULL, tun_dst must be freed, otherwise it will cause memory
leak.

Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
Cc: William Tu <[email protected]>
Signed-off-by: Haishuang Yan <[email protected]>
---
net/ipv4/ip_gre.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
index d828821..9253d6f 100644
--- a/net/ipv4/ip_gre.c
+++ b/net/ipv4/ip_gre.c
@@ -304,8 +304,10 @@ static int erspan_rcv(struct sk_buff *skb, struct tnl_ptk_info *tpi,
return PACKET_REJECT;

md = ip_tunnel_info_opts(&tun_dst->u.tun_info);
- if (!md)
+ if (!md) {
+ dst_release((struct dst_entry *)tun_dst);
return PACKET_REJECT;
+ }

md->index = index;
info = &tun_dst->u.tun_info;
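Review bot: the commit message should state when `ip_tunnel_info_opts()` can actually return NULL in the new `if (!md)` branch. Its argument is `&tun_dst->u.tun_info`, the address of a member of a tun_dst that this function already dereferences, so if the helper only derives a pointer from that address the branch is unreachable and dropping the `!md` test would be the simpler change. If NULL is possible, keep the `dst_release()` and add a short comment saying who owns tun_dst once this function continues past the check, so the release here is not later mistaken for a double free.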
--
1.8.3.1




2017-12-14 15:25:33

by Haishuang Yan

Subject: [PATCH 2/2] ip6_gre: fix potential memory leak in ip6erspan_rcv

If md is NULL, tun_dst must be freed, otherwise it will cause memory
leak.

Fixes: 5a963eb61b7c ("ip6_gre: Add ERSPAN native tunnel support")
Cc: William Tu <[email protected]>
Signed-off-by: Haishuang Yan <[email protected]>
---
net/ipv6/ip6_gre.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c
index 4562579..b8b0e4b 100644
--- a/net/ipv6/ip6_gre.c
+++ b/net/ipv6/ip6_gre.c
@@ -542,8 +542,10 @@ static int ip6erspan_rcv(struct sk_buff *skb, int gre_hdr_len,

info = &tun_dst->u.tun_info;
md = ip_tunnel_info_opts(info);
- if (!md)
+ if (!md) {
+ dst_release((struct dst_entry *)tun_dst);
return PACKET_REJECT;
+ }

md->index = index;
info->key.tun_flags |= TUNNEL_ERSPAN_OPT;
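Review bot: the `dst_release()` in the `!md` branch is open-coded directly in front of `return PACKET_REJECT;`, repeating the pattern from 1/2, so any other exit taken after tun_dst is obtained has to remember the same release. Consider a single error label in ip6erspan_rcv() that releases tun_dst and returns PACKET_REJECT, and jump to it from this branch. Note also that `md` is computed from `info`, which was assigned from `&tun_dst->u.tun_info` one line earlier, so the changelog should explain how `md` can be NULL at this point.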
--
1.8.3.1



2017-12-14 18:48:09

by William Tu

Subject: Re: [PATCH 1/2] ip_gre: fix potential memory leak in erspan_rcv

On Thu, Dec 14, 2017 at 7:15 AM, Haishuang Yan
<[email protected]> wrote:
> If md is NULL, tun_dst must be freed, otherwise it will cause memory
> leak.
>
> Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
> Cc: William Tu <[email protected]>
> Signed-off-by: Haishuang Yan <[email protected]>
> ---
> net/ipv4/ip_gre.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
> index d828821..9253d6f 100644
> --- a/net/ipv4/ip_gre.c
> +++ b/net/ipv4/ip_gre.c
> @@ -304,8 +304,10 @@ static int erspan_rcv(struct sk_buff *skb, struct tnl_ptk_info *tpi,
> return PACKET_REJECT;
>
> md = ip_tunnel_info_opts(&tun_dst->u.tun_info);
> - if (!md)
> + if (!md) {
> + dst_release((struct dst_entry *)tun_dst);
> return PACKET_REJECT;
> + }

I'm not sure about this. Maybe we don't even need to check "if (!md)"
since ip_tun_rx_dst does the memory allocation.

William

2017-12-15 01:17:10

by Haishuang Yan

Subject: Re: [PATCH 1/2] ip_gre: fix potential memory leak in erspan_rcv



> On 2017-12-15, at 2:47, William Tu <[email protected]> wrote:
>
> On Thu, Dec 14, 2017 at 7:15 AM, Haishuang Yan
> <[email protected]> wrote:
>> If md is NULL, tun_dst must be freed, otherwise it will cause memory
>> leak.
>>
>> Fixes: 84e54fe0a5ea ("gre: introduce native tunnel support for ERSPAN")
>> Cc: William Tu <[email protected]>
>> Signed-off-by: Haishuang Yan <[email protected]>
>> ---
>> net/ipv4/ip_gre.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>> diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
>> index d828821..9253d6f 100644
>> --- a/net/ipv4/ip_gre.c
>> +++ b/net/ipv4/ip_gre.c
>> @@ -304,8 +304,10 @@ static int erspan_rcv(struct sk_buff *skb, struct tnl_ptk_info *tpi,
>> return PACKET_REJECT;
>>
>> md = ip_tunnel_info_opts(&tun_dst->u.tun_info);
>> - if (!md)
>> + if (!md) {
>> + dst_release((struct dst_entry *)tun_dst);
>> return PACKET_REJECT;
>> + }
> I'm not sure about this. Maybe we don't even need to check "if (!md)"
> since ip_tun_rx_dst does the memory allocation.
> William
>


Hi, William

I think we need to check "if (!md)". If md is okay, ip_tunnel_rcv will be responsible for freeing
tun_dst:

drop:
	if (tun_dst)
		dst_release((struct dst_entry *)tun_dst);

Thanks.