Revision e7c243c925f6d9dcb898504ff24d6650b5cbb3b1 authored by Evgeniy Polyakov on 25 August 2007, 06:36:29 UTC, committed by David S. Miller on 27 August 2007, 01:35:47 UTC
I tried to preserve bridging code as it was before, but logic is quite strange - I think we should free skb on error, since it is already unshared and thus will just leak. Herbert Xu states: > + if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) > + goto out; If this happens it'll be a double-free on skb since we'll return NF_DROP which makes the caller free it too. We could return NF_STOLEN to prevent that but I'm not sure whether that's correct netfilter semantics. Patrick, could you please make a call on this? Patrick McHardy states: NF_STOLEN should work fine here. Signed-off-by: Evgeniy Polyakov <johnpol@2ka.mipt.ru> Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent 7c8347a
File | Mode | Size |
---|---|---|
ipv4 | ||
ipv6 | ||
nf_conntrack.h | -rw-r--r-- | 7.7 KB |
nf_conntrack_core.h | -rw-r--r-- | 2.8 KB |
nf_conntrack_ecache.h | -rw-r--r-- | 2.4 KB |
nf_conntrack_expect.h | -rw-r--r-- | 2.3 KB |
nf_conntrack_extend.h | -rw-r--r-- | 2.0 KB |
nf_conntrack_helper.h | -rw-r--r-- | 1.8 KB |
nf_conntrack_l3proto.h | -rw-r--r-- | 3.0 KB |
nf_conntrack_l4proto.h | -rw-r--r-- | 4.2 KB |
nf_conntrack_tuple.h | -rw-r--r-- | 5.5 KB |
nf_nat.h | -rw-r--r-- | 2.4 KB |
nf_nat_core.h | -rw-r--r-- | 875 bytes |
nf_nat_helper.h | -rw-r--r-- | 1020 bytes |
nf_nat_protocol.h | -rw-r--r-- | 2.3 KB |
nf_nat_rule.h | -rw-r--r-- | 631 bytes |
Computing file changes ...