Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3300824pxk; Mon, 21 Sep 2020 10:03:58 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxvVux6l3HojnBt9PFhPR7f/Vr5IR9aNZxexcOA27zFUGhslt4fFld/F4cUk6n9hsZDywbR X-Received: by 2002:aa7:d697:: with SMTP id d23mr649889edr.13.1600707838696; Mon, 21 Sep 2020 10:03:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600707838; cv=none; d=google.com; s=arc-20160816; b=e/3g78gvUDEoSsPFxyXPLhcCO8ib1729VKbbjfk8/vXJDflCFCWsLWUf6Kl4Z2P1Rv 3w7/sVDXBe60rrnX83RuAJFA6HmveZGEBm9QARSBnBgIrnMKR9wMOGv12F2A6mAsQs++ MSzAzx/gvetYpKNrRvvg1qWhyCz2FRnvfbWxUanWj9bfZovTjy3XameTWrQL9G02pYAT QA9+r6BwvCXy7z/ROkfMXcSpe5M0+IKkf7ByQ9rkvNWFhvBZrlTpC5oAUR57LWnmujdr N9uCGeCNtEv8D5Ke3lmIVlWg3wrmlZwdmLa7440RaJ+afCKucqq8fnK8ahRpLNAsqLku igpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=etvq9J5Qoso7f5rug0L6F2NRPehgTFCamk5mZ6jJ8DM=; b=bc11HctzV3SdPBzngtKhy4FykPj0HTxTv45TqtQTQkjxhSm6/DjqLeSXqPmnfQBet4 9uC5cajYyR23hIsnf95YUsn1XX7yvX9sEToo+SQZD0cbYvxPW1lVcqbn5EOLtTm4J3nS SLJMfoqMtkCfLk2teTAcrrhVWiGJpPjveqFYqi45XOgKoRQmqL4XRil2FcXIP7TflYHS IKsOt8Rr5FiOvrxRw22lfYOfTdsU0rwb3TVrg8a+yoDEGUyBM/CyqW0mb3vlFHLzfjMR qmBj6jNJMjaEw3qKorwoB5DESWgtPBx5Bh9omMo4o9J5D0C9zyNgvNYA0NPH+DnZo22b lXmg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=SV7uDEVY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u13si8219337ejt.286.2020.09.21.10.03.34; Mon, 21 Sep 2020 10:03:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=SV7uDEVY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729136AbgIURAN (ORCPT + 99 others); Mon, 21 Sep 2020 13:00:13 -0400 Received: from mail.kernel.org ([198.145.29.99]:43012 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729339AbgIUQkV (ORCPT ); Mon, 21 Sep 2020 12:40:21 -0400 Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 18D6D238E6; Mon, 21 Sep 2020 16:40:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1600706420; bh=6E1YRvOOzqTjBweNbBZ0AbN4gVzZo1ZfcusoBaPe74A=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=SV7uDEVYAAYBYrlotaEFPN1A4Z2L95SgfztG27ZCxZQhAeT30NvUSMVJos7nN61mK YduAverEkOV5o6ITVE6bgKcTYP9BhlPSDkN78wAj3bhiQ8W4J9iHGLR2u4rk3u+v6q nuLEbRdKn+WLVFOiqanY9lMchnwtTMWAoJPmka04= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Miaohe Lin , "David S. Miller" Subject: [PATCH 4.14 62/94] net: handle the return value of pskb_carve_frag_list() correctly Date: Mon, 21 Sep 2020 18:27:49 +0200 Message-Id: <20200921162038.392139867@linuxfoundation.org> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20200921162035.541285330@linuxfoundation.org> References: <20200921162035.541285330@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Miaohe Lin commit eabe861881a733fc84f286f4d5a1ffaddd4f526f upstream. pskb_carve_frag_list() may return -ENOMEM in pskb_carve_inside_nonlinear(). we should handle this correctly or we would get wrong sk_buff. Fixes: 6fa01ccd8830 ("skbuff: Add pskb_extract() helper function") Signed-off-by: Miaohe Lin Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/core/skbuff.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -5447,9 +5447,13 @@ static int pskb_carve_inside_nonlinear(s if (skb_has_frag_list(skb)) skb_clone_fraglist(skb); - if (k == 0) { - /* split line is in frag list */ - pskb_carve_frag_list(skb, shinfo, off - pos, gfp_mask); + /* split line is in frag list */ + if (k == 0 && pskb_carve_frag_list(skb, shinfo, off - pos, gfp_mask)) { + /* skb_frag_unref() is not needed here as shinfo->nr_frags = 0. */ + if (skb_has_frag_list(skb)) + kfree_skb_list(skb_shinfo(skb)->frag_list); + kfree(data); + return -ENOMEM; } skb_release_data(skb);