From patchwork Sun Apr 5 12:29:57 2009 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Eric Dumazet X-Patchwork-Id: 25607 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.176.167]) by ozlabs.org (Postfix) with ESMTP id 16604DDE17 for ; Sun, 5 Apr 2009 22:30:15 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752825AbZDEMaL (ORCPT ); Sun, 5 Apr 2009 08:30:11 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1752075AbZDEMaK (ORCPT ); Sun, 5 Apr 2009 08:30:10 -0400 Received: from gw1.cosmosbay.com ([212.99.114.194]:32871 "EHLO gw1.cosmosbay.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750971AbZDEMaJ convert rfc822-to-8bit (ORCPT ); Sun, 5 Apr 2009 08:30:09 -0400 Received: from [127.0.0.1] (localhost [127.0.0.1]) by gw1.cosmosbay.com (8.13.7/8.13.7) with ESMTP id n35CTxwM005363; Sun, 5 Apr 2009 14:29:59 +0200 Message-ID: <49D8A445.4060201@cosmosbay.com> Date: Sun, 05 Apr 2009 14:29:57 +0200 From: Eric Dumazet User-Agent: Thunderbird 2.0.0.21 (Windows/20090302) MIME-Version: 1.0 To: Graham Murray , "David S. Miller" CC: linux-kernel@vger.kernel.org, Linux Netdev List Subject: [PATCH] netfilter: ip6tables fix References: <20090329234702.4988017f@desktop.r000n.info> <8763hja8cy.fsf@newton.gmurray.org.uk> <20090405.012237.198610462.davem@davemloft.net> <49D88162.5040809@cosmosbay.com> <87ws9z8l4c.fsf@newton.gmurray.org.uk> <49D88839.4090902@cosmosbay.com> In-Reply-To: <49D88839.4090902@cosmosbay.com> X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-1.6 (gw1.cosmosbay.com [0.0.0.0]); Sun, 05 Apr 2009 14:29:59 +0200 (CEST) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Eric Dumazet a écrit : > Graham Murray a écrit : >> iptables gives me no problems at all, it is just ip6tables that >> fails. The first indication of this is during the init scripts when >> ip6tables-restore fails. > > I see, its a plain bug in net/ipv6/netfilter/ip6_tables.c > function alloc_counters() always returns -ENOMEM > > Unfortunatly , its Sunday here and I have to run for lunch time with family :) > > If nobody beats me, I will do the fix in a couple of hours... Here is the fix, thanks Graham for the report ! [PATCH] netfilter: ip6tables fix ip6_tables.c alloc_counters() misses a return statement, making ip6tables -N always failing and leaking memory. Reported-by: Graham Murray Signed-off-by: Eric Dumazet --- -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index dfed176..800ae85 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c @@ -1033,6 +1033,8 @@ static struct xt_counters *alloc_counters(struct xt_table *table) xt_free_table_info(info); + return counters; + free_counters: vfree(counters); nomem: