Re: [PATCH] netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check()

From: Pablo Neira Ayuso
Date: Thu Jan 06 2022 - 04:40:28 EST

Next message: Eric Dumazet: "Re: [PATCH v4 net-next 3/3] bpf: selftests: use C99 initializers in test_sock.c"
Previous message: Suzuki K Poulose: "Re: [PATCH 3/4] coresight: trbe: Work around the invalid prohibited states"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Dec 23, 2021 at 10:48:12AM +0800, Xin Xiong wrote:
> The issue takes place in one error path of clusterip_tg_check(). When
> memcmp() returns nonzero, the function simply returns the error code,
> forgetting to decrease the reference count of a clusterip_config
> object, which is bumped earlier by clusterip_config_find_get(). This
> may incur reference count leak.
>
> Fix this issue by decrementing the refcount of the object in specific
> error path.

Applied

Next message: Eric Dumazet: "Re: [PATCH v4 net-next 3/3] bpf: selftests: use C99 initializers in test_sock.c"
Previous message: Suzuki K Poulose: "Re: [PATCH 3/4] coresight: trbe: Work around the invalid prohibited states"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]