Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp764766ybi; Fri, 14 Jun 2019 03:01:31 -0700 (PDT) X-Google-Smtp-Source: APXvYqy5X8lo7WwuCS8mIwgQoANmh9A0VnybHCX0WX4TnAx7bPmN0xIksWKF+eTQfAW8R4kaR/vj X-Received: by 2002:a65:4209:: with SMTP id c9mr35847469pgq.111.1560506491413; Fri, 14 Jun 2019 03:01:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560506491; cv=none; d=google.com; s=arc-20160816; b=FGSGKXM1gkS9+ogJBO4SGPyPH9UCZJJXMy6Xej63kfVPaoU+lGfteD0jaT7WjD0AOf n87UccsMRCdEuTm7Y11OppILLO+dWo5Y0kpE7IV/uugZvLsAbqfPSyoQ6Mla/9WJgkAR 4oAhw89mGuxjAuwNLZzsgBt2XStTTQd5OoF5I8QX0VY+lMTm5T9BJc4H8Mg6VtfV5V/+ TKZFxc25qAjwpEG4PmNy8TL83y5vlIS/+51WH7h6TZoO7IshlKfQd4cYTLGRFPDToa4x yXOKUSkdkQt1FDsKRclXIe/2u77PiKCPceKdzUolJPQrA+Wz3o0IiKvyrEyQ0LFx+X55 +Qrw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=+SqYUowZr52aqAdLPxRNaayVXCYX/FhSATpPUJOhNrw=; b=U4yAHLezKj/tsuZ8LmIdNtkz3ZuCvSwG4n2aLkkucTgcL5GEc0sFS2P18iug0Z5X+1 gri35A8V/Cvr8BOrYg3P92dUCHi64NF1U/7hRGBKL8SzFjTR4wtjqk4j5wQ7UMxXm9S1 ufSjV0dTvs0uQV5CP/9+l9ngZLmKm7WUN+IhtN2hQpVUXTKNOHWniY7JGXCjN6AShELt pNdrKahPdkzQmcO23om89AZovBcUAOA9AYDz+bP8POJyBgvqZmvpknSfNVZtgcr5r+nP FBkyaq96L3/B2nZXkY4Oqo110+lSMC1pQ9gPBmmU0Jdw1M8tpsFlQ5M9l0zwNfa+TJuQ GacA== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@azazel.net header.s=20190108 header.b=EJlBGeh1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=REJECT dis=NONE) header.from=azazel.net Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x13si1887358pjt.36.2019.06.14.03.01.14; Fri, 14 Jun 2019 03:01:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@azazel.net header.s=20190108 header.b=EJlBGeh1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=REJECT dis=NONE) header.from=azazel.net Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727330AbfFNJ7d (ORCPT + 99 others); Fri, 14 Jun 2019 05:59:33 -0400 Received: from kadath.azazel.net ([81.187.231.250]:41598 "EHLO kadath.azazel.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726767AbfFNJ7c (ORCPT ); Fri, 14 Jun 2019 05:59:32 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=azazel.net; s=20190108; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID: Subject:Cc:To:From:Date:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=+SqYUowZr52aqAdLPxRNaayVXCYX/FhSATpPUJOhNrw=; b=EJlBGeh1c7hJ9Ws6hHNTKAepg/ tgaD0qi533U8Qu9foxsKUShJesrorJjYJNOgEqDWQUtG4vFR2Zb03OMDqWK8TdZGxhLCGQGwebKd8 pq+euhq83cOJHmesuPoikyW7vzgsJP6jLvfXKVlIiDF4Ec4+o65kLduKheMcXMmWK869T85lagj2z 3SniQ/Gz3ePrx+6k1+aKnO8JqJ/ZCHPTA3fNoNj66ncUYCeka+uEifFIKagcD4N2XBXCgmWTMyRRG 7+sQ9vjH/WVuydB0MbDhki5nfmw8j4yc0+64HNCYqYf7yqbvNSNFeyLjkAlcqHR28qOg779JYaLeF DQsVL/0A==; Received: from kadath.azazel.net ([2001:8b0:135f:bcd1:e2cb:4eff:fedf:e608] helo=azazel.net) by kadath.azazel.net with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89) (envelope-from ) id 1hbizT-0006xV-OC; Fri, 14 Jun 2019 10:59:23 +0100 Date: Fri, 14 Jun 2019 10:59:22 +0100 From: Jeremy Sowden To: Steffen Klassert , g@azazel.net Cc: Young Xiao <92siuyang@gmail.com>, herbert@gondor.apana.org.au, davem@davemloft.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] af_key: Fix memory leak in key_notify_policy. Message-ID: <20190614095922.k5yzeyew2zhrfp7e@azazel.net> References: <1560500786-572-1-git-send-email-92siuyang@gmail.com> <20190614085346.GN17989@gauss3.secunet.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="okvcvc2i7gz2dbyk" Content-Disposition: inline In-Reply-To: <20190614085346.GN17989@gauss3.secunet.de> User-Agent: NeoMutt/20170113 (1.7.2) X-SA-Exim-Connect-IP: 2001:8b0:135f:bcd1:e2cb:4eff:fedf:e608 X-SA-Exim-Mail-From: jeremy@azazel.net X-SA-Exim-Scanned: No (on kadath.azazel.net); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org --okvcvc2i7gz2dbyk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On 2019-06-14, at 10:53:46 +0200, Steffen Klassert wrote: > On Fri, Jun 14, 2019 at 04:26:26PM +0800, Young Xiao wrote: > > We leak the allocated out_skb in case pfkey_xfrm_policy2msg() fails. > > Fix this by freeing it on error. > > > > Signed-off-by: Young Xiao <92siuyang@gmail.com> > > --- > > net/key/af_key.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/net/key/af_key.c b/net/key/af_key.c > > index 4af1e1d..ec414f6 100644 > > --- a/net/key/af_key.c > > +++ b/net/key/af_key.c > > @@ -2443,6 +2443,7 @@ static int key_pol_get_resp(struct sock *sk, struct xfrm_policy *xp, const struc > > } > > err = pfkey_xfrm_policy2msg(out_skb, xp, dir); > > if (err < 0) > > + kfree_skb(out_skb); > > goto out; > > Did you test this? > > You need to add braces, otherwise 'goto out' will happen unconditionally. > > > > > out_hdr = (struct sadb_msg *) out_skb->data; > > @@ -2695,6 +2696,7 @@ static int dump_sp(struct xfrm_policy *xp, int dir, int count, void *ptr) > > > > err = pfkey_xfrm_policy2msg(out_skb, xp, dir); > > if (err < 0) > > + kfree_skb(out_skb); > > return err; > > Same here. There's already a patch for this: https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git/commit/?id=7c80eb1c7e2b8420477fbc998971d62a648035d9 J. --okvcvc2i7gz2dbyk Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEZ8d+2N/NBLDbUxIF0Z7UzfnX9sMFAl0Db/kACgkQ0Z7UzfnX 9sO+dg//X5IBarNnBL4+mJo1PVkihtoJNZib7SkyNpJjU74rQ5lfILTPWBKkxOHD LFQt62krPp/IUE328UQthubS8BbJWSDJ7BF9HUtHlme2nZoxjgfPxvn3EvAkhQTn DjoeP9hOrRgn1ufCqU09n+drVOl/tTxOZIuGK4XT0j0Ycp4PpW3fPng3gs5x4eNS YPrLZU51nOU46GQW8b60BSgoG5h2YytLwJ4kicaJGjZxhZZOtKycrX5oc5YnnU8Z ki7zUF/eU5Hni231wjhJBLs8uNTtll7g8Nl8oYogDlCo1EwFukScqS9dPXev7SKZ 4W9Xm8xP2aHAGvylJJhvFpqQ/gR5U9MkXr+gmc6uachuiZrbp3zCDyKgYt+hxZG9 lnLjLKxNm4Bc+Wwn38BvoBcg03q850BEUGdfANpM1l/aFS+va27MFGX0wnWFsVfV ChOS0BfrqrOwpvLFUjFN7Ojvli+9Qs+KWiwHzp7dJFltnntif1J8i27T6v0cjQBL irphre+3e96UgilQ/1+ygZQi/h4SwQzt8yEfGXo3Gx8sGb7VSaYS43oW3jzhH4Rm WgQWyFnlzbUtaz/SZMXvj5vUaQhTUjpVHG/Ws5vkEE+ED7CGdu0r4J1j0+EfLQOi TJPyklntEQv4rzJHQK18+InPJgQ7HTox2Yft8rfjEZ2dSa2R6UI= =Llij -----END PGP SIGNATURE----- --okvcvc2i7gz2dbyk--