[thirdparty/kernel/stable-queue.git] / releases / 2.6.14.3 / recount-leak-of-proto-when-ctnetlink-dumping-tuple.patch

From stable-bounces@linux.kernel.org  Tue Nov 15 04:32:52 2005
Date: Tue, 15 Nov 2005 13:32:36 +0100
From: Harald Welte <laforge@netfilter.org>
To: Stable Kernel <stable@kernel.org>
Cc: 
Subject: [PATCH] [NETFILTER] refcount leak of proto when ctnetlink dumping tuple

From: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>

Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
Signed-off-by: Harald Welte <laforge@netfilter.org>
Signed-off-by: Chris Wright <chrisw@osdl.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
 net/ipv4/netfilter/ip_conntrack_netlink.c |    9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -58,14 +58,17 @@ ctnetlink_dump_tuples_proto(struct sk_bu
 			    const struct ip_conntrack_tuple *tuple)
 {
 	struct ip_conntrack_protocol *proto;
+	int ret = 0;
 
 	NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum);
 
 	proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
-	if (proto && proto->tuple_to_nfattr)
-		return proto->tuple_to_nfattr(skb, tuple);
+	if (likely(proto && proto->tuple_to_nfattr)) {
+		ret = proto->tuple_to_nfattr(skb, tuple);
+		ip_conntrack_proto_put(proto);
+	}
 
-	return 0;
+	return ret;
 
 nfattr_failure:
 	return -1;
Commit	Line	Data
749cd2d3 CW	1	From stable-bounces@linux.kernel.org Tue Nov 15 04:32:52 2005
	2	Date: Tue, 15 Nov 2005 13:32:36 +0100
	3	From: Harald Welte <laforge@netfilter.org>
	4	To: Stable Kernel <stable@kernel.org>
	5	Cc:
	6	Subject: [PATCH] [NETFILTER] refcount leak of proto when ctnetlink dumping tuple
	7
	8	From: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
	9
	10	Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp>
	11	Signed-off-by: Harald Welte <laforge@netfilter.org>
	12	Signed-off-by: Chris Wright <chrisw@osdl.org>
a9b345af	13	Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
749cd2d3	14	---
749cd2d3	15	net/ipv4/netfilter/ip_conntrack_netlink.c \| 9 ++++++---
a9b345af	16	1 file changed, 6 insertions(+), 3 deletions(-)
749cd2d3	17
a9b345af GKH	18	--- linux-2.6.14.2.orig/net/ipv4/netfilter/ip_conntrack_netlink.c
a9b345af GKH	19	+++ linux-2.6.14.2/net/ipv4/netfilter/ip_conntrack_netlink.c
749cd2d3 CW	20	@@ -58,14 +58,17 @@ ctnetlink_dump_tuples_proto(struct sk_bu
	21	const struct ip_conntrack_tuple *tuple)
	22	{
	23	struct ip_conntrack_protocol *proto;
	24	+ int ret = 0;
	25
	26	NFA_PUT(skb, CTA_PROTO_NUM, sizeof(u_int8_t), &tuple->dst.protonum);
	27
	28	proto = ip_conntrack_proto_find_get(tuple->dst.protonum);
	29	- if (proto && proto->tuple_to_nfattr)
	30	- return proto->tuple_to_nfattr(skb, tuple);
	31	+ if (likely(proto && proto->tuple_to_nfattr)) {
	32	+ ret = proto->tuple_to_nfattr(skb, tuple);
	33	+ ip_conntrack_proto_put(proto);
	34	+ }
	35
	36	- return 0;
	37	+ return ret;
	38
	39	nfattr_failure:
	40	return -1;