projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ef61755)
gtp: add missing gtp_encap_disable_sock() in gtp_encap_enable()
authorTaehee Yoo <ap420073@gmail.com>
Tue, 2 Jul 2019 15:24:04 +0000 (00:24 +0900)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 31 Jul 2019 05:28:33 +0000 (07:28 +0200)
[ Upstream commit e30155fd23c9c141cbe7d99b786e10a83a328837 ]

If an invalid role is sent from user space, gtp_encap_enable() will fail.
Then, it should call gtp_encap_disable_sock() but current code doesn't.
It makes memory leak.

Fixes: 91ed81f9abc7 ("gtp: support SGSN-side tunnels")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/net/gtp.c patch | blob | blame | history

diff --git a/drivers/net/gtp.c b/drivers/net/gtp.c
index f38e32a7ec9c979ac4524c31e09da375a6e0606c..dba3869b61bed0cab64f8881bf49e4a6f9b17557 100644 (file)
--- a/drivers/net/gtp.c
+++ b/drivers/net/gtp.c
@@ -845,8 +845,13 @@ static int gtp_encap_enable(struct gtp_dev *gtp, struct nlattr *data[])
 
        if (data[IFLA_GTP_ROLE]) {
                role = nla_get_u32(data[IFLA_GTP_ROLE]);
-               if (role > GTP_ROLE_SGSN)
+               if (role > GTP_ROLE_SGSN) {
+                       if (sk0)
+                               gtp_encap_disable_sock(sk0);
+                       if (sk1u)
+                               gtp_encap_disable_sock(sk1u);
                        return -EINVAL;
+               }
        }
 
        gtp->sk0 = sk0;