aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter
diff options
context:
space:
mode:
authorEric Dumazet <eric.dumazet@gmail.com>2010-02-19 09:28:38 -0500
committerPatrick McHardy <kaber@trash.net>2010-02-19 09:28:38 -0500
commit64507fdbc29c3a622180378210ecea8659b14e40 (patch)
treec42d87f221405f3ba9553984c39178caae3aac26 /net/netfilter
parenta88e22adf5aad79b6e2ddd1bf0109c2ba8b46b0e (diff)
netfilter: nf_queue: fix NF_STOLEN skb leak
commit 3bc38712e3a6e059 (handle NF_STOP and unknown verdicts in nf_reinject) was a partial fix to packet leaks. If user asks NF_STOLEN status, we must free the skb as well. Reported-by: Afi Gjermund <afigjermund@gmail.com> Signed-off-by: Eric DUmazet <eric.dumazet@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/netfilter')
-rw-r--r--net/netfilter/nf_queue.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index 3a6fd77f7761..ba095fd014e5 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -265,7 +265,6 @@ void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
265 local_bh_disable(); 265 local_bh_disable();
266 entry->okfn(skb); 266 entry->okfn(skb);
267 local_bh_enable(); 267 local_bh_enable();
268 case NF_STOLEN:
269 break; 268 break;
270 case NF_QUEUE: 269 case NF_QUEUE:
271 if (!__nf_queue(skb, elem, entry->pf, entry->hook, 270 if (!__nf_queue(skb, elem, entry->pf, entry->hook,
@@ -273,6 +272,7 @@ void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
273 verdict >> NF_VERDICT_BITS)) 272 verdict >> NF_VERDICT_BITS))
274 goto next_hook; 273 goto next_hook;
275 break; 274 break;
275 case NF_STOLEN:
276 default: 276 default:
277 kfree_skb(skb); 277 kfree_skb(skb);
278 } 278 }