Gitweb:     
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=e0e8f1c8220c43bdf25cfb5622f6ab6947027fb1
Commit:     e0e8f1c8220c43bdf25cfb5622f6ab6947027fb1
Parent:     419dd8378dfa32985672ab7927b4bc827f33b332
Author:     Herbert Xu <[EMAIL PROTECTED]>
AuthorDate: Wed Jan 10 22:06:32 2007 -0800
Committer:  David S. Miller <[EMAIL PROTECTED]>
CommitDate: Tue Jan 23 20:25:39 2007 -0800

    [IPSEC] flow: Fix potential memory leak
    
    When old flow cache entries that are not at the head of their chain
    trigger a transient security error they get unlinked along with all
    the entries preceding them in the chain.  The preceding entries are
    not freed correctly.
    
    This patch fixes this by simply leaving the entry around.  It's based
    on a suggestion by Venkat Yekkirala.
    
    Signed-off-by: Herbert Xu <[EMAIL PROTECTED]>
    Signed-off-by: David S. Miller <[EMAIL PROTECTED]>
---
 net/core/flow.c |   26 ++++++++++----------------
 1 files changed, 10 insertions(+), 16 deletions(-)

diff --git a/net/core/flow.c b/net/core/flow.c
index d137f97..5d25697 100644
--- a/net/core/flow.c
+++ b/net/core/flow.c
@@ -231,22 +231,16 @@ nocache:
 
                err = resolver(key, family, dir, &obj, &obj_ref);
 
-               if (fle) {
-                       if (err) {
-                               /* Force security policy check on next lookup */
-                               *head = fle->next;
-                               flow_entry_kill(cpu, fle);
-                       } else {
-                               fle->genid = atomic_read(&flow_cache_genid);
-
-                               if (fle->object)
-                                       atomic_dec(fle->object_ref);
-
-                               fle->object = obj;
-                               fle->object_ref = obj_ref;
-                               if (obj)
-                                       atomic_inc(fle->object_ref);
-                       }
+               if (fle && !err) {
+                       fle->genid = atomic_read(&flow_cache_genid);
+
+                       if (fle->object)
+                               atomic_dec(fle->object_ref);
+
+                       fle->object = obj;
+                       fle->object_ref = obj_ref;
+                       if (obj)
+                               atomic_inc(fle->object_ref);
                }
                local_bh_enable();
 
-
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to