[PATCH] fix dst_entry leak in icmp_push_reply()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



If the ip_append_data() call in icmp_push_reply() fails, ip_flush_pending_frames() needs to be called. Otherwise, ip_rt_put() is never called on inet_sk(icmp_socket->sk)->cork.rt, which prevents the route (and net_device) from ever being freed.

I've attached a patch which fixes the problem.

Ollie Wild
diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
--- a/net/ipv4/icmp.c
+++ b/net/ipv4/icmp.c
@@ -368,6 +368,8 @@ static void icmp_push_reply(struct icmp_
 		icmph->checksum = csum_fold(csum);
 		skb->ip_summed = CHECKSUM_NONE;
 		ip_push_pending_frames(icmp_socket->sk);
+	} else {
+		ip_flush_pending_frames(icmp_socket->sk);
 	}
 }
 

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]
  Powered by Linux