Resend: [2.6 PATCH] Re: leak in bridge netfilter if skb traverses > 1 bridge

Hi, Resending to make sure this doesn't fall through the cracks. The following patch applies to 2.6 and fixes a memory leak. Signed-off-by: David Kimdon <[EMAIL PROTECTED]> * net/bridge/br_netfilter.c (br_nf_pre_routing, br_nf_pre_routing_ipv6) : Call nf_bridge_put() before allocating a new n

[2.6 PATCH] Re: leak in bridge netfilter if skb traverses > 1 bridge

The patch I posted previously applies to 2.4. The following patch applies to 2.6. Signed-off-by: David Kimdon <[EMAIL PROTECTED]> * net/bridge/br_netfilter.c (br_nf_pre_routing, br_nf_pre_routing_ipv6) : Call nf_bridge_put() before allocating a new nf_bridge structure and potentially overwri

[PATCH] Re: leak in bridge netfilter if skb traverses > 1 bridge

Indeed, as Herbert pointed out, no need to NULL the pointer, updated patch follows. Signed-off-by: David Kimdon <[EMAIL PROTECTED]> * net/bridge/br_netfilter.c (br_nf_pre_routing) : Call nf_bridge_put() before potentially allocating a new nf_bridge structure and overwr

Re: leak in bridge netfilter if skb traverses > 1 bridge

David Kimdon <[EMAIL PROTECTED]> wrote: > > --- linux-2.4.x/net/core/skbuff.c > +++ linux-2.4.x/net/core/skbuff.c > @@ -216,6 +216,9 @@ >atomic_set(&(skb_shinfo(skb)->dataref), 1); >skb_shinfo(skb)->nr_frags = 0; >skb_shinfo(skb)->frag_list = NULL; > +#if defined(CONFIG_BRI

leak in bridge netfilter if skb traverses > 1 bridge

When the bridge topology allows a single skb to traverse more than one bridge we end up leaking skb->nf_bridge each time the skb enters the second or higher bridge. The leak occurs when bridge netfilter is enabled on 2.4 (with bridge netfilter patch) and 2.6 git head, proposed 2.4 fix below. Leak