From: Herbert Xu
> Sent: 04 August 2015 10:21
> On Tue, Aug 04, 2015 at 09:15:13AM +0000, David Laight wrote:
> >
> > You've introduced a memory leak if skb_clone() fails.
>
> No I have not.
>
> > > nskb = skb_clone(skb, GFP_ATOMIC);
> > > if (!nskb)
> > > - return -ENOMEM;
> > > + return ERR_PTR(-ENOMEM);
> >
> > Here the original skb is still allocated.
> >
> > > - error = skb_set_peeked(skb);
> > > - if (error)
> > > + skb = skb_set_peeked(skb);
> >
> > You've now lost the address of the original skb.
>
> It doesn't matter because we will take the error path and return
> the ENOMEM error. We must not free the skb as it's still on the
> recv queue.
In that case, what happens to the receive queue when skb_clone()
takes a copy of the skb - freeing the original one?
David
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
