In can327_feed_frame_to_netdev(), it did not free the skb when netdev
is down, and all callers of can327_feed_frame_to_netdev() did not free
allocated skb too. That would trigger skb leak.
Fix it by adding kfree_skb() in can327_feed_frame_to_netdev() when netdev
is down. Not tested, just compiled.
Fixes: 43da2f07622f ("can: can327: CAN/ldisc driver for ELM327 based OBD-II adapters")
Signed-off-by: Ziyang Xuan <[email protected]>
---
drivers/net/can/can327.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/net/can/can327.c b/drivers/net/can/can327.c
index 0aa1af31d0fe..17bca63f3dd3 100644
--- a/drivers/net/can/can327.c
+++ b/drivers/net/can/can327.c
@@ -263,8 +263,10 @@ static void can327_feed_frame_to_netdev(struct can327 *elm, struct sk_buff *skb)
{
lockdep_assert_held(&elm->lock);
- if (!netif_running(elm->dev))
+ if (!netif_running(elm->dev)) {
+ kfree_skb(skb);
return;
+ }
/* Queue for NAPI pickup.
* rx-offload will update stats and LEDs for us.
--
2.25.1
(CC Vincent, he may be interested)
On Thu, 10 Nov 2022 14:14:37 +0800
Ziyang Xuan <[email protected]> wrote:
> Fix it by adding kfree_skb() in can327_feed_frame_to_netdev() when netdev
> is down. Not tested, just compiled.
Looks correct to me, so:
Reviewed-by: Max Staudt <[email protected]>
Thank you very much for finding and fixing this!
Max
Hello,
Gently ask.
Is there any other problem? And can it be applied?
Thanks.
> (CC Vincent, he may be interested)
>
>
> On Thu, 10 Nov 2022 14:14:37 +0800
> Ziyang Xuan <[email protected]> wrote:
>
>> Fix it by adding kfree_skb() in can327_feed_frame_to_netdev() when netdev
>> is down. Not tested, just compiled.
>
> Looks correct to me, so:
>
> Reviewed-by: Max Staudt <[email protected]>
>
>
> Thank you very much for finding and fixing this!
>
> Max
>
> .
>
Marc, Wolfgang,
Could you please include William's patch to can327, provided that you
see no issue with it?
Thanks :)
Max
On Tue, 22 Nov 2022 10:10:50 +0800
"Ziyang Xuan (William)" <[email protected]> wrote:
> Hello,
>
> Gently ask.
>
> Is there any other problem? And can it be applied?
>
> Thanks.
>
> > (CC Vincent, he may be interested)
> >
> >
> > On Thu, 10 Nov 2022 14:14:37 +0800
> > Ziyang Xuan <[email protected]> wrote:
> >
> >> Fix it by adding kfree_skb() in can327_feed_frame_to_netdev() when netdev
> >> is down. Not tested, just compiled.
> >
> > Looks correct to me, so:
> >
> > Reviewed-by: Max Staudt <[email protected]>
> >
> >
> > Thank you very much for finding and fixing this!
> >
> > Max
> >
> > .
> >