[maint] batman-adv: release vlan object after checking the CRC
Commit Message
There is a refcounter unbalance in the CRC checking routine
invoked on OGM reception. A vlan object is retrieved (thus
its refcounter is increased by one) but it is never properly
released. This leads to a memleak because the vlan object
will never be free'd.
Fix this by releasing the vlan object after having read the
CRC.
Reported-by: Russell Senior <russell@personaltelco.net>
Reported-by: Daniel <daniel@makrotopia.org>
Reported-by: cmsv <cmsv@wirelesspt.net>
Signed-off-by: Antonio Quartulli <antonio@meshcoding.com>
---
translation-table.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
Comments
On Tuesday 28 January 2014 02:06:47 Antonio Quartulli wrote:
> There is a refcounter unbalance in the CRC checking routine
> invoked on OGM reception. A vlan object is retrieved (thus
> its refcounter is increased by one) but it is never properly
> released. This leads to a memleak because the vlan object
> will never be free'd.
>
> Fix this by releasing the vlan object after having read the
> CRC.
>
> Reported-by: Russell Senior <russell@personaltelco.net>
> Reported-by: Daniel <daniel@makrotopia.org>
> Reported-by: cmsv <cmsv@wirelesspt.net>
> Signed-off-by: Antonio Quartulli <antonio@meshcoding.com>
> ---
> translation-table.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
Applied in revision dc08c04.
Thanks,
Marek
@@ -2248,6 +2248,7 @@ static bool batadv_tt_global_check_crc(struct batadv_orig_node *orig_node,
{
struct batadv_tvlv_tt_vlan_data *tt_vlan_tmp;
struct batadv_orig_node_vlan *vlan;
+ uint32_t crc;
int i;
/* check if each received CRC matches the locally stored one */
@@ -2267,7 +2268,10 @@ static bool batadv_tt_global_check_crc(struct batadv_orig_node *orig_node,
if (!vlan)
return false;
- if (vlan->tt.crc != ntohl(tt_vlan_tmp->crc))
+ crc = vlan->tt.crc;
+ batadv_orig_node_vlan_free_ref(vlan);
+
+ if (crc != ntohl(tt_vlan_tmp->crc))
return false;
}