netfilter: nf_flow_offload: fix use-after-free and a resource leak
authorFelix Fietkau <nbd@nbd.name>
Wed, 7 Feb 2018 08:49:02 +0000 (09:49 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 7 Feb 2018 10:55:52 +0000 (11:55 +0100)
commit0ff90b6c20340e57616a51ae1a1bf18156d6638a
treeea8f92d7b66248c515234e119819aa620ef77a33
parentd8ed9600581d40d818ae417b3086a333841b0559
netfilter: nf_flow_offload: fix use-after-free and a resource leak

flow_offload_del frees the flow, so all associated resource must be
freed before.

Since the ct entry in struct flow_offload_entry was allocated by
flow_offload_alloc, it should be freed by flow_offload_free to take care
of the error handling path when flow_offload_add fails.

While at it, make flow_offload_del static, since it should never be
called directly, only from the gc step

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/netfilter/nf_flow_table.h
net/netfilter/nf_flow_table.c