summaryrefslogtreecommitdiffstats
path: root/net/key
diff options
context:
space:
mode:
authorDavid S. Miller2019-07-05 23:58:22 +0200
committerDavid S. Miller2019-07-05 23:58:22 +0200
commit114b5b355ec0b6e83a6628a5ab5d03e50fd40a31 (patch)
tree70f32db394b63b61d6d2657f8d4dfac925a066a5 /net/key
parentbonding: validate ip header before check IPPROTO_IGMP (diff)
parentxfrm interface: fix memory leak on creation (diff)
downloadkernel-qcow2-linux-114b5b355ec0b6e83a6628a5ab5d03e50fd40a31.tar.gz
kernel-qcow2-linux-114b5b355ec0b6e83a6628a5ab5d03e50fd40a31.tar.xz
kernel-qcow2-linux-114b5b355ec0b6e83a6628a5ab5d03e50fd40a31.zip
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec
Steffen Klassert says: ==================== pull request (net): ipsec 2019-07-05 1) Fix xfrm selector prefix length validation for inter address family tunneling. From Anirudh Gupta. 2) Fix a memleak in pfkey. From Jeremy Sowden. 3) Fix SA selector validation to allow empty selectors again. From Nicolas Dichtel. 4) Select crypto ciphers for xfrm_algo, this fixes some randconfig builds. From Arnd Bergmann. 5) Remove a duplicated assignment in xfrm_bydst_resize. From Cong Wang. 6) Fix a hlist corruption on hash rebuild. From Florian Westphal. 7) Fix a memory leak when creating xfrm interfaces. From Nicolas Dichtel. Please pull or let me know if there are problems. ==================== Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/key')
-rw-r--r--net/key/af_key.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/net/key/af_key.c b/net/key/af_key.c
index a50dd6f34b91..fe5fc4bab7ee 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -2438,8 +2438,10 @@ static int key_pol_get_resp(struct sock *sk, struct xfrm_policy *xp, const struc
goto out;
}
err = pfkey_xfrm_policy2msg(out_skb, xp, dir);
- if (err < 0)
+ if (err < 0) {
+ kfree_skb(out_skb);
goto out;
+ }
out_hdr = (struct sadb_msg *) out_skb->data;
out_hdr->sadb_msg_version = hdr->sadb_msg_version;
@@ -2690,8 +2692,10 @@ static int dump_sp(struct xfrm_policy *xp, int dir, int count, void *ptr)
return PTR_ERR(out_skb);
err = pfkey_xfrm_policy2msg(out_skb, xp, dir);
- if (err < 0)
+ if (err < 0) {
+ kfree_skb(out_skb);
return err;
+ }
out_hdr = (struct sadb_msg *) out_skb->data;
out_hdr->sadb_msg_version = pfk->dump.msg_version;