diff options
author | Thomas Haller <thaller@redhat.com> | 2023-12-04 11:36:16 +0100 |
---|---|---|
committer | Thomas Haller <thaller@redhat.com> | 2023-12-04 11:37:58 +0100 |
commit | d8a1ff30c4864bd57c2d895ef88df8a2d138a17d (patch) | |
tree | 256098c4310f0ecda63d432b54071ea02c37e65b | |
parent | 4fcb075720ed3beea4ceee3f679305caacd0f51b (diff) | |
download | libnl-d8a1ff30c4864bd57c2d895ef88df8a2d138a17d.tar.gz |
xfrm: fix leaking usertemplate in xfrmnl_sp_parse()
Fixes: 49c20efaa783 ('xfrm: fix crashes in case of ENOMEM')
-rw-r--r-- | include/nl-aux-xfrm/nl-xfrm.h | 7 | ||||
-rw-r--r-- | lib/xfrm/sp.c | 4 |
2 files changed, 9 insertions, 2 deletions
diff --git a/include/nl-aux-xfrm/nl-xfrm.h b/include/nl-aux-xfrm/nl-xfrm.h index 0f7e7a71..9c5c46a6 100644 --- a/include/nl-aux-xfrm/nl-xfrm.h +++ b/include/nl-aux-xfrm/nl-xfrm.h @@ -23,4 +23,11 @@ void xfrmnl_ae_put(struct xfrmnl_ae *ae); _NL_AUTO_DEFINE_FCN_TYPED0(struct xfrmnl_ae *, _nl_auto_xfrmnl_ae_fcn, xfrmnl_ae_put); +struct xfrmnl_user_tmpl; +void xfrmnl_user_tmpl_free(struct xfrmnl_user_tmpl *utmpl); +#define _nl_auto_xfrmnl_user_tmpl _nl_auto(_nl_auto_xfrmnl_user_tmpl_fcn) +_NL_AUTO_DEFINE_FCN_TYPED0(struct xfrmnl_user_tmpl *, + _nl_auto_xfrmnl_user_tmpl_fcn, + xfrmnl_user_tmpl_free); + #endif /* __NETLINK_NL_AUX_XFRM_NL_XFRM_H__ */ diff --git a/lib/xfrm/sp.c b/lib/xfrm/sp.c index e98339c0..a996455a 100644 --- a/lib/xfrm/sp.c +++ b/lib/xfrm/sp.c @@ -651,12 +651,12 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result) if (tb[XFRMA_TMPL]) { struct xfrm_user_tmpl* tmpl = nla_data(tb[XFRMA_TMPL]); - struct xfrmnl_user_tmpl* sputmpl; uint32_t i; uint32_t num_tmpls = nla_len(tb[XFRMA_TMPL]) / sizeof (*tmpl); for (i = 0; (i < num_tmpls) && (tmpl); i ++, tmpl++) { + _nl_auto_xfrmnl_user_tmpl struct xfrmnl_user_tmpl *sputmpl = NULL; _nl_auto_nl_addr struct nl_addr *addr1 = NULL; _nl_auto_nl_addr struct nl_addr *addr2 = NULL; @@ -681,7 +681,7 @@ int xfrmnl_sp_parse(struct nlmsghdr *n, struct xfrmnl_sp **result) xfrmnl_user_tmpl_set_aalgos (sputmpl, tmpl->aalgos); xfrmnl_user_tmpl_set_ealgos (sputmpl, tmpl->ealgos); xfrmnl_user_tmpl_set_calgos (sputmpl, tmpl->calgos); - xfrmnl_sp_add_usertemplate (sp, sputmpl); + xfrmnl_sp_add_usertemplate (sp, _nl_steal_pointer(&sputmpl)); sp->ce_mask |= XFRM_SP_ATTR_TMPL; } |