[PATCH 05/13] netfilter: fix memory leak when register sysctl failed

Gao feng <gaofeng@xxxxxxxxxxxxxx> · Thu, 21 Jun 2012 22:36:42 +0800

in nf_ct_l4proto_register_sysctl,when register l4proto' sysctl failed,
we should free the compat sysctl table.

Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
---
 net/netfilter/nf_conntrack_proto.c |   29 ++++++++++++++++-------------
 1 files changed, 16 insertions(+), 13 deletions(-)

diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 63612e6..42e686b 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -341,25 +341,28 @@ int nf_ct_l4proto_register_sysctl(struct net *net,
 				kfree(pn->ctl_table);
 				pn->ctl_table = NULL;
 			}
-			goto out;
 		}
 	}
 #ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
 	if (l4proto->l3proto != AF_INET6 && pn->ctl_compat_table != NULL) {
-		err = nf_ct_register_sysctl(net,
-					    &pn->ctl_compat_header,
-					    "net/ipv4/netfilter",
-					    pn->ctl_compat_table);
-		if (err == 0)
-			goto out;
-
-		nf_ct_kfree_compat_sysctl_table(pn);
-		nf_ct_unregister_sysctl(&pn->ctl_table_header,
-					&pn->ctl_table,
-					pn->users);
+		if (err < 0)
+			nf_ct_kfree_compat_sysctl_table(pn);
+		else {
+			err = nf_ct_register_sysctl(net,
+						    &pn->ctl_compat_header,
+						    "net/ipv4/netfilter",
+						    pn->ctl_compat_table);
+			if (err == 0)
+				goto out;
+
+			nf_ct_kfree_compat_sysctl_table(pn);
+			nf_ct_unregister_sysctl(&pn->ctl_table_header,
+						&pn->ctl_table,
+						pn->users);
+		}
 	}
-#endif /* CONFIG_NF_CONNTRACK_PROC_COMPAT */
 out:
+#endif /* CONFIG_NF_CONNTRACK_PROC_COMPAT */
 #endif /* CONFIG_SYSCTL */
 	return err;
 }
-- 
1.7.7.6

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html





