netfilter: nf_conntrack_bridge: Fix memory leak when error

[ Upstream commit 38ea9def5b62f9193f6bad96c5d108e2830ecbde ] It should be added kfree_skb_list() when err is not equal to zero in nf_br_ip_fragment(). v2: keep this aligned with IPv6. v3: modify iter.frag_list to iter.frag. Fixes: 3c171f496ef5 ("netfilter: bridge: add connection tracking system") Signed-off-by: Yajun Deng <yajun.deng@linux.dev> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Yajun Deng <yajun.deng@linux.dev> 2021-07-29 16:20:21 +0800
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2021-08-18 08:56:58 +0200
commit: b036452082f321b83906e085403706743362bcfe (patch)
tree: cf5fa3f7f321ea97ed9c6f0e70f6c2e2396af074 /net
parent: cd36a36ea4ea0ab5134fc28effa20a4290290317 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/net/bridge/netfilter/nf_conntrack_bridge.c b/net/bridge/netfilter/nf_conntrack_bridge.c
index 8d033a75a766..fdbed3158555 100644
--- a/net/bridge/netfilter/nf_conntrack_bridge.c
+++ b/net/bridge/netfilter/nf_conntrack_bridge.c
@@ -88,6 +88,12 @@ static int nf_br_ip_fragment(struct net *net, struct sock *sk,
 
 			skb = ip_fraglist_next(&iter);
 		}
+
+		if (!err)
+			return 0;
+
+		kfree_skb_list(iter.frag);
+
 		return err;
 	}
 slow_path:
author	Yajun Deng <yajun.deng@linux.dev>	2021-07-29 16:20:21 +0800
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2021-08-18 08:56:58 +0200
commit	b036452082f321b83906e085403706743362bcfe (patch)
tree	cf5fa3f7f321ea97ed9c6f0e70f6c2e2396af074 /net
parent	cd36a36ea4ea0ab5134fc28effa20a4290290317 (diff)