aboutsummaryrefslogtreecommitdiffstats
path: root/security/security.c
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2005-08-14 22:27:13 -0400
committerDavid S. Miller <davem@sunset.davemloft.net>2005-08-29 19:00:45 -0400
commit77247bbb3094246be9d057e7be442cc708f123a8 (patch)
treef6129e1aa25be790fdf38d5f39e1d38b2fa19587 /security/security.c
parentdb080529798b497eb5a37b92a25e966be5a7dd5d (diff)
[NETLINK]: Fix module refcounting problems
Use-after-free: the struct proto_ops containing the module pointer is freed when a socket with pid=0 is released, which besides for kernel sockets is true for all unbound sockets. Module refcount leak: when the kernel socket is closed before all user sockets have been closed the proto_ops struct for this family is replaced by the generic one and the module refcount can't be dropped. The second problem can't be solved cleanly using module refcounting in the generic socket code, so this patch adds explicit refcounting to netlink_create/netlink_release. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security/security.c')
0 files changed, 0 insertions, 0 deletions