From patchwork Fri Jun 29 15:37:32 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Pablo Neira Ayuso X-Patchwork-Id: 168155 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id CFB20B7005 for ; Sat, 30 Jun 2012 01:38:08 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756149Ab2F2PiG (ORCPT ); Fri, 29 Jun 2012 11:38:06 -0400 Received: from mail.us.es ([193.147.175.20]:38953 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756138Ab2F2Pht (ORCPT ); Fri, 29 Jun 2012 11:37:49 -0400 Received: (qmail 25458 invoked from network); 29 Jun 2012 17:37:47 +0200 Received: from unknown (HELO us.es) (192.168.2.12) by us.es with SMTP; 29 Jun 2012 17:37:47 +0200 Received: (qmail 3037 invoked by uid 507); 29 Jun 2012 15:37:44 -0000 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on antivirus2 X-Spam-Level: X-Spam-Status: No, score=-99.2 required=7.5 tests=BAYES_50, USER_IN_WHITELIST autolearn=disabled version=3.3.1 Received: from 127.0.0.1 by antivirus2 (envelope-from , uid 501) with qmail-scanner-2.08 (clamdscan: 0.97.5/15100. Clear:RC:1(127.0.0.1):. Processed in 0.026108 secs); 29 Jun 2012 15:37:44 -0000 Received: from unknown (HELO antivirus2) (127.0.0.1) by us.es with SMTP; 29 Jun 2012 15:37:44 -0000 Received: from 192.168.1.13 (192.168.1.13) by antivirus2 (F-Secure/fsigk_smtp/407/antivirus2); Fri, 29 Jun 2012 17:37:44 +0200 (CEST) X-Virus-Status: clean(F-Secure/fsigk_smtp/407/antivirus2) Received: (qmail 26375 invoked from network); 29 Jun 2012 17:39:24 +0200 Received: from 1984.lsi.us.es (HELO localhost.localdomain) (pneira@us.es@150.214.188.80) by us.es with SMTP; 29 Jun 2012 17:39:24 +0200 From: pablo@netfilter.org To: netfilter-devel@vger.kernel.org Cc: davem@davemloft.net, netdev@vger.kernel.org Subject: [PATCH 2/5] netfilter: ipvs: fix dst leak in __ip_vs_addr_is_local_v6 Date: Fri, 29 Jun 2012 17:37:32 +0200 Message-Id: <1340984255-738-3-git-send-email-pablo@netfilter.org> X-Mailer: git-send-email 1.7.2.5 In-Reply-To: <1340984255-738-1-git-send-email-pablo@netfilter.org> References: <1340984255-738-1-git-send-email-pablo@netfilter.org> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org From: Eric Dumazet After call to ip6_route_output() we must release dst or we leak it. Also should test dst->error, as ip6_route_output() never returns NULL. Use boolean while we are at it. Signed-off-by: Eric Dumazet Signed-off-by: Pablo Neira Ayuso --- net/netfilter/ipvs/ip_vs_ctl.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index dd811b8..d43e3c1 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -76,19 +76,19 @@ static void __ip_vs_del_service(struct ip_vs_service *svc); #ifdef CONFIG_IP_VS_IPV6 /* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */ -static int __ip_vs_addr_is_local_v6(struct net *net, - const struct in6_addr *addr) +static bool __ip_vs_addr_is_local_v6(struct net *net, + const struct in6_addr *addr) { - struct rt6_info *rt; struct flowi6 fl6 = { .daddr = *addr, }; + struct dst_entry *dst = ip6_route_output(net, NULL, &fl6); + bool is_local; - rt = (struct rt6_info *)ip6_route_output(net, NULL, &fl6); - if (rt && rt->dst.dev && (rt->dst.dev->flags & IFF_LOOPBACK)) - return 1; + is_local = !dst->error && dst->dev && (dst->dev->flags & IFF_LOOPBACK); - return 0; + dst_release(dst); + return is_local; } #endif