Simon Horman
2007-04-26 04:03:22 UTC
Hi,
Using valgrind I discovered that libnet_pblock_coalesce() will
leak l if an error is encountered. I'm not sure how widespread this
problem is in libnet. But in this case the fix is simple enough.
Index: libnet-1.1.2.1-wip/src/libnet_pblock.c
===================================================================
--- libnet-1.1.2.1-wip.orig/src/libnet_pblock.c 2007-04-13 14:47:17.000000000 +0900
+++ libnet-1.1.2.1-wip/src/libnet_pblock.c 2007-04-13 14:47:19.000000000 +0900
@@ -339,7 +339,7 @@
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): packet assembly cannot find a layer 2 header\n",
__func__);
- return (-1);
+ goto err;
}
break;
case LIBNET_RAW4:
@@ -348,7 +348,7 @@
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): packet assembly cannot find an IPv4 header\n",
__func__);
- return (-1);
+ goto err;
}
break;
case LIBNET_RAW6:
@@ -357,7 +357,7 @@
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): packet assembly cannot find an IPv6 header\n",
__func__);
- return (-1);
+ goto err;
}
break;
default:
@@ -365,7 +365,7 @@
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): suddenly the dungeon collapses -- you die\n",
__func__);
- return (-1);
+ goto err;
break;
}
}
@@ -419,6 +419,10 @@
*size -= l->aligner;
}
return (1);
+
+err:
+ free(packet);
+ return (-1);
}
void
For reference this problem is also recorded as debian bug 418979[1],
and you can add information to that bug by simply sending email
to ***@bugs.debian.org.
[1] http://bugs.debian.org/418975
Using valgrind I discovered that libnet_pblock_coalesce() will
leak l if an error is encountered. I'm not sure how widespread this
problem is in libnet. But in this case the fix is simple enough.
Index: libnet-1.1.2.1-wip/src/libnet_pblock.c
===================================================================
--- libnet-1.1.2.1-wip.orig/src/libnet_pblock.c 2007-04-13 14:47:17.000000000 +0900
+++ libnet-1.1.2.1-wip/src/libnet_pblock.c 2007-04-13 14:47:19.000000000 +0900
@@ -339,7 +339,7 @@
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): packet assembly cannot find a layer 2 header\n",
__func__);
- return (-1);
+ goto err;
}
break;
case LIBNET_RAW4:
@@ -348,7 +348,7 @@
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): packet assembly cannot find an IPv4 header\n",
__func__);
- return (-1);
+ goto err;
}
break;
case LIBNET_RAW6:
@@ -357,7 +357,7 @@
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): packet assembly cannot find an IPv6 header\n",
__func__);
- return (-1);
+ goto err;
}
break;
default:
@@ -365,7 +365,7 @@
snprintf(l->err_buf, LIBNET_ERRBUF_SIZE,
"%s(): suddenly the dungeon collapses -- you die\n",
__func__);
- return (-1);
+ goto err;
break;
}
}
@@ -419,6 +419,10 @@
*size -= l->aligner;
}
return (1);
+
+err:
+ free(packet);
+ return (-1);
}
void
For reference this problem is also recorded as debian bug 418979[1],
and you can add information to that bug by simply sending email
to ***@bugs.debian.org.
[1] http://bugs.debian.org/418975