linux-hardened/net/netlink
Herbert Xu 92964c79b3 netlink: Fix dump skb leak/double free
When we free cb->skb after a dump, we do it after releasing the
lock.  This means that a new dump could have started in the time
being and we'll end up freeing their skb instead of ours.

This patch saves the skb and module before we unlock so we free
the right memory.

Fixes: 16b304f340 ("netlink: Eliminate kmalloc in netlink dump operation.")
Reported-by: Baozeng Ding <sploving1@gmail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-05-16 22:05:15 -04:00
af_netlink.c netlink: Fix dump skb leak/double free 2016-05-16 22:05:15 -04:00
af_netlink.h netlink: remove mmapped netlink support 2016-02-18 11:42:18 -05:00
diag.c netlink: remove mmapped netlink support 2016-02-18 11:42:18 -05:00
genetlink.c Revert "genl: Add genlmsg_new_unicast() for unicast message allocation" 2016-02-18 11:42:19 -05:00
Kconfig netlink: remove mmapped netlink support 2016-02-18 11:42:18 -05:00
Makefile netlink: Diag core and basic socket info dumping (v2) 2013-03-21 12:38:03 -04:00