PPPOE skb leak

To:	mostrows@xxxxxxxxxxxxx
Subject:	PPPOE skb leak
From:	"David S. Miller" <davem@xxxxxxxxxx>
Date:	Mon, 24 Nov 2003 19:54:53 -0800
Cc:	netdev@xxxxxxxxxxx
Sender:	netdev-bounce@xxxxxxxxxxx

PPPOE packet reception does not check the return value of
sock_queue_rcv_skb() and therefore can leak packets.

Here is the fix I've installed.

# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
#                  ChangeSet    1.1486  -> 1.1487 
#        drivers/net/pppoe.c    1.35    -> 1.36   
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 03/11/24      davem@xxxxxxxxxxxxxx    1.1487
# [PPPOE]: Do not leak SKB if sock_queue_rcv_skb() fails.
# --------------------------------------------
#
diff -Nru a/drivers/net/pppoe.c b/drivers/net/pppoe.c
--- a/drivers/net/pppoe.c       Mon Nov 24 19:50:44 2003
+++ b/drivers/net/pppoe.c       Mon Nov 24 19:50:44 2003
@@ -352,7 +352,8 @@
                if (!__pppoe_xmit( relay_po->sk, skb))
                        goto abort_put;
        } else {
-               sock_queue_rcv_skb(sk, skb);
+               if (sock_queue_rcv_skb(sk, skb))
+                       goto abort_kfree;
        }
 
        return NET_RX_SUCCESS;

<Prev in Thread]	Current Thread	[Next in Thread>
PPPOE skb leak, David S. Miller <=

Previous by Date:	Re: Possible IRDA SKB leaks, Jean Tourrilhes
Next by Date:	ECONET skb leak fix, David S. Miller
Previous by Thread:	Possible IRDA SKB leaks, David S. Miller
Next by Thread:	ECONET skb leak fix, David S. Miller
Indexes:	[Date] [Thread] [Top] [All Lists]