From 32d9a4bf0c2d72fb3b8842af4131077ad3ba1439 Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Thu, 16 Jan 2020 13:09:31 +0300 Subject: [PATCH] netfilter: nf_tables: fix memory leak in nf_tables_parse_netdev_hooks() Syzbot detected a leak in nf_tables_parse_netdev_hooks(). If the hook already exists, then the error handling doesn't free the newest "hook". Reported-by: syzbot+f9d4095107fc8749c69c@syzkaller.appspotmail.com Fixes: 9da2c8215737 ("netfilter: nf_tables: allow netdevice to be used only once per flowtable") Signed-off-by: Dan Carpenter Reviewed-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso --- net/netfilter/nf_tables_api.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index b3692458d428e..896a6e8aff914 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -1680,6 +1680,7 @@ static int nf_tables_parse_netdev_hooks(struct net *net, goto err_hook; } if (nft_hook_list_find(hook_list, hook)) { + kfree(hook); err = -EEXIST; goto err_hook; } -- 2.39.5
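Review bot: The added kfree(hook) in the nft_hook_list_find() branch is an open-coded release placed just before goto err_hook, so the ownership rule lives only in this one branch. That rule is that the current hook is not yet on hook_list and, per the commit message, is not freed by the error handling. A one-line comment stating this, or a separate unwind label that frees the not-yet-linked hook before falling into err_hook, would keep a later error branch added after the allocation from reintroducing the same leak. The allocation site is outside the visible context, so it is also worth confirming in the commit message that a plain kfree() is the complete teardown for a hook at this point.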