author | Florian Westphal <fw@strlen.de> | 2014-06-08 11:41:23 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-06-16 12:51:36 +0200 |
commit | cd5f336f1780cb20e83146cde64d3d5779e175e6 (patch) | |
tree | 1256bde8377eda4f1ca29a232eaaa0e8a3d13e22 /net/phonet/pn_netlink.c | |
parent | netfilter: ctnetlink: fix dumping of dying/unconfirmed conntracks (diff) | |

netfilter: ctnetlink: fix refcnt leak in dying/unconfirmed list dumper

'last' keeps track of the ct that had its refcnt bumped during previous
dump cycle. Thus it must not be overwritten until end-of-function.

Another (unrelated, theoretical) issue: Don't attempt to bump refcnt of a conntrack
whose reference count is already 0. Such conntrack is being destroyed
right now, its memory is freed once we release the percpu dying spinlock.

Fixes: b7779d06 ('netfilter: conntrack: spinlock per cpu to protect special lists.')
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'net/phonet/pn_netlink.c')
0 files changed, 0 insertions, 0 deletions