Re: [PATCH] xfrm: fix refcount leak in __xfrm_policy_check()

From: Steffen Klassert
Date: Fri Jul 29 2022 - 09:08:52 EST


On Sun, Jul 24, 2022 at 05:55:58PM +0800, Xin Xiong wrote:
> The issue happens on an error path in __xfrm_policy_check(). When the
> fetching process of the object `pols[1]` fails, the function simply
> returns 0, forgetting to decrement the reference count of `pols[0]`,
> which is incremented earlier by either xfrm_sk_policy_lookup() or
> xfrm_policy_lookup(). This may result in memory leaks.
>
> Fix it by decreasing the reference count of `pols[0]` in that path.
>
> Fixes: 134b0fc544ba ("IPsec: propagate security module errors up from flow_cache_lookup")
> Signed-off-by: Xin Xiong <xiongx18@xxxxxxxxxxxx>
> Signed-off-by: Xin Tan <tanxin.ctf@xxxxxxxxx>

Applied, thanks a lot Xin!
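
The error-path pattern described in the quoted commit message, as an added example that is not part of the original thread or the kernel source. It is a userspace model: struct policy, policy_get(), policy_put(), lookup_second() and the check_*() functions are hypothetical stand-ins, and a NULL return models the failed fetch of `pols[1]`.

```c
#include <stdio.h>

/* Toy refcounted object; not the kernel's struct xfrm_policy. */
struct policy { int refcnt; };
static struct policy *policy_get(struct policy *p) { p->refcnt++; return p; }
static void policy_put(struct policy *p) { p->refcnt--; }

/* Hypothetical second lookup; NULL models the failed fetch of pols[1]. */
static struct policy *lookup_second(struct policy *p, int fail) { return fail ? NULL : policy_get(p); }

/* Leaky shape: the early return skips the put for pols[0]. */
int check_leaky(struct policy *a, struct policy *b, int fail)
{
    struct policy *pols[2];
    pols[0] = policy_get(a);            /* first lookup takes a reference */
    pols[1] = lookup_second(b, fail);
    if (!pols[1])
        return 0;                       /* pols[0] is still held here */
    policy_put(pols[1]);
    policy_put(pols[0]);
    return 1;
}

/* Fixed shape: drop the pols[0] reference before returning on the error path. */
int check_fixed(struct policy *a, struct policy *b, int fail)
{
    struct policy *pols[2];
    pols[0] = policy_get(a);
    pols[1] = lookup_second(b, fail);
    if (!pols[1]) {
        policy_put(pols[0]);
        return 0;
    }
    policy_put(pols[1]);
    policy_put(pols[0]);
    return 1;
}

/* References still outstanding on the first policy after one call. */
int leaked_refs(int (*check)(struct policy *, struct policy *, int), int fail)
{
    struct policy a = { 1 }, b = { 1 };  /* constructed: one owner reference each */
    check(&a, &b, fail);
    return a.refcnt - 1;
}

int main(void)
{
    printf("leaky: %d, fixed: %d\n", leaked_refs(check_leaky, 1), leaked_refs(check_fixed, 1));
    return 0;
}
```

Each failing call through the leaky shape leaves one reference behind, so the object's count never returns to its baseline and it cannot be freed.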