From 5b63bb61b2d4f6ed8b7a3e9b5cd77eeb1043f203 Mon Sep 17 00:00:00 2001 From: jiangheng Date: Mon, 10 Oct 2022 17:27:05 +0800 Subject: [PATCH] backport some patches from community --- ...e-Fix-memory-leak-when-doing-fdb-get.patch | 68 +++++++++++++++++++ ...x-memory-leak-when-specifying-device.patch | 50 ++++++++++++++ ...neigh-Fix-memory-leak-when-doing-get.patch | 54 +++++++++++++++ ...memory-leak-when-doing-endpoint-show.patch | 49 +++++++++++++ ...-Fix-memory-leak-when-getting-limits.patch | 54 +++++++++++++++ iproute.spec | 15 +++- 6 files changed, 288 insertions(+), 2 deletions(-) create mode 100644 backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch create mode 100644 backport-ip-address-Fix-memory-leak-when-specifying-device.patch create mode 100644 backport-ip-neigh-Fix-memory-leak-when-doing-get.patch create mode 100644 backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch create mode 100644 backport-mptcp-Fix-memory-leak-when-getting-limits.patch diff --git a/backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch b/backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch new file mode 100644 index 0000000..aa25d0b --- /dev/null +++ b/backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch @@ -0,0 +1,68 @@ +From 6db01afd60748afbba114be2773be338c5be28ff Mon Sep 17 00:00:00 2001 +From: Benjamin Poirier +Date: Mon, 11 Jul 2022 08:52:51 +0900 +Subject: [PATCH] bridge: Fix memory leak when doing 'fdb get' + +With the following command sequence: + +ip link add br0 up type bridge +ip link add dummy0 up address 02:00:00:00:00:01 master br0 type dummy +bridge fdb get 02:00:00:00:00:01 br br0 + +when running the last command under valgrind, it reports + +32,768 bytes in 1 blocks are definitely lost in loss record 2 of 2 + at 0x483F7B5: malloc (vg_replace_malloc.c:381) + by 0x11C1EC: rtnl_recvmsg (libnetlink.c:838) + by 0x11C4D1: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040) + by 0x11D994: __rtnl_talk (libnetlink.c:1141) + by 0x11D994: rtnl_talk (libnetlink.c:1147) + by 0x10D336: fdb_get (fdb.c:652) + by 0x48907FC: (below main) (libc-start.c:332) + +Free the answer obtained from rtnl_talk(). + +Fixes: 4ed5ad7bd3c6 ("bridge: fdb get support") +Reported-by: Ido Schimmel +Reviewed-by: Ido Schimmel +Signed-off-by: Benjamin Poirier +Signed-off-by: Stephen Hemminger +Conflict: NA +Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=6db01afd +--- + bridge/fdb.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/bridge/fdb.c b/bridge/fdb.c +index 8912f092..08f6c72b 100644 +--- a/bridge/fdb.c ++++ b/bridge/fdb.c +@@ -571,6 +571,7 @@ static int fdb_get(int argc, char **argv) + char *addr = NULL; + short vlan = -1; + char *endptr; ++ int ret; + + while (argc > 0) { + if ((strcmp(*argv, "brport") == 0) || strcmp(*argv, "dev") == 0) { +@@ -657,13 +658,15 @@ static int fdb_get(int argc, char **argv) + * if -json was specified. + */ + new_json_obj(json); ++ ret = 0; + if (print_fdb(answer, stdout) < 0) { + fprintf(stderr, "An error :-)\n"); +- return -1; ++ ret = -1; + } + delete_json_obj(); ++ free(answer); + +- return 0; ++ return ret; + } + + int do_fdb(int argc, char **argv) +-- +2.23.0 + diff --git a/backport-ip-address-Fix-memory-leak-when-specifying-device.patch b/backport-ip-address-Fix-memory-leak-when-specifying-device.patch new file mode 100644 index 0000000..44df524 --- /dev/null +++ b/backport-ip-address-Fix-memory-leak-when-specifying-device.patch @@ -0,0 +1,50 @@ +From 1d540336b026ed5bfe10eefac383db7f434d842f Mon Sep 17 00:00:00 2001 +From: Benjamin Poirier +Date: Mon, 11 Jul 2022 08:52:50 +0900 +Subject: [PATCH] ip address: Fix memory leak when specifying device + +Running a command like `ip addr show dev lo` under valgrind informs us that + +32,768 bytes in 1 blocks are definitely lost in loss record 4 of 4 + at 0x483577F: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so) + by 0x16CBE2: rtnl_recvmsg (libnetlink.c:775) + by 0x16CF04: __rtnl_talk_iov (libnetlink.c:954) + by 0x16E257: __rtnl_talk (libnetlink.c:1059) + by 0x16E257: rtnl_talk (libnetlink.c:1065) + by 0x115CB1: ipaddr_link_get (ipaddress.c:1833) + by 0x11A0D1: ipaddr_list_flush_or_save (ipaddress.c:2030) + by 0x1152EB: do_cmd (ip.c:115) + by 0x114D6F: main (ip.c:321) + +After calling store_nlmsg(), the original buffer should be freed. That is +the pattern used elsewhere through the rtnl_dump_filter() call chain. + +Fixes: 884709785057 ("ip address: Set device index in dump request") +Reported-by: Binu Gopalakrishnapillai +Reviewed-by: Ido Schimmel +Signed-off-by: Benjamin Poirier +Signed-off-by: Stephen Hemminger +Conflict: NA +Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=1d540336 +--- + ip/ipaddress.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/ip/ipaddress.c b/ip/ipaddress.c +index a288341c..59ef1e4b 100644 +--- a/ip/ipaddress.c ++++ b/ip/ipaddress.c +@@ -2030,8 +2030,10 @@ static int ipaddr_link_get(int index, struct nlmsg_chain *linfo) + + if (store_nlmsg(answer, linfo) < 0) { + fprintf(stderr, "Failed to process link information\n"); ++ free(answer); + return 1; + } ++ free(answer); + + return 0; + } +-- +2.23.0 + diff --git a/backport-ip-neigh-Fix-memory-leak-when-doing-get.patch b/backport-ip-neigh-Fix-memory-leak-when-doing-get.patch new file mode 100644 index 0000000..61bdffd --- /dev/null +++ b/backport-ip-neigh-Fix-memory-leak-when-doing-get.patch @@ -0,0 +1,54 @@ +From c5433c4b7a57d380f4cb351316f5ba5ebae9538e Mon Sep 17 00:00:00 2001 +From: Benjamin Poirier +Date: Mon, 11 Jul 2022 08:52:54 +0900 +Subject: [PATCH] ip neigh: Fix memory leak when doing 'get' + +With the following command sequence: + +ip link add dummy0 type dummy +ip neigh add 192.168.0.1 dev dummy0 +ip neigh get 192.168.0.1 dev dummy0 + +when running the last command under valgrind, it reports + +32,768 bytes in 1 blocks are definitely lost in loss record 2 of 2 + at 0x483F7B5: malloc (vg_replace_malloc.c:381) + by 0x17A0EC: rtnl_recvmsg (libnetlink.c:838) + by 0x17A3D1: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040) + by 0x17B894: __rtnl_talk (libnetlink.c:1141) + by 0x17B894: rtnl_talk (libnetlink.c:1147) + by 0x12E49B: ipneigh_get (ipneigh.c:728) + by 0x1174CB: do_cmd (ip.c:136) + by 0x116F7C: main (ip.c:324) + +Free the answer obtained from rtnl_talk(). + +Fixes: 62842362370b ("ipneigh: neigh get support") +Suggested-by: Ido Schimmel +Reviewed-by: Ido Schimmel +Signed-off-by: Benjamin Poirier +Signed-off-by: Stephen Hemminger +Conflict: NA +Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=c5433c4b +--- + ip/ipneigh.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/ip/ipneigh.c b/ip/ipneigh.c +index 7facc399..61b0a4a2 100644 +--- a/ip/ipneigh.c ++++ b/ip/ipneigh.c +@@ -731,8 +731,10 @@ static int ipneigh_get(int argc, char **argv) + ipneigh_reset_filter(0); + if (print_neigh(answer, stdout) < 0) { + fprintf(stderr, "An error :-)\n"); ++ free(answer); + return -1; + } ++ free(answer); + + return 0; + } +-- +2.23.0 + diff --git a/backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch b/backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch new file mode 100644 index 0000000..95bb7e4 --- /dev/null +++ b/backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch @@ -0,0 +1,49 @@ +From afdbb0204a5872f1f76058a0db5a529b1f0c8de7 Mon Sep 17 00:00:00 2001 +From: Benjamin Poirier +Date: Mon, 11 Jul 2022 08:52:52 +0900 +Subject: [PATCH] mptcp: Fix memory leak when doing 'endpoint show' + +With the following command sequence: + +ip mptcp endpoint add 127.0.0.1 id 1 +ip mptcp endpoint show id 1 + +when running the last command under valgrind, it reports + +32,768 bytes in 1 blocks are definitely lost in loss record 2 of 2 +at 0x483F7B5: malloc (vg_replace_malloc.c:381) +by 0x17A0AC: rtnl_recvmsg (libnetlink.c:838) +by 0x17A391: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040) +by 0x17B854: __rtnl_talk (libnetlink.c:1141) +by 0x17B854: rtnl_talk (libnetlink.c:1147) +by 0x168A56: mptcp_addr_show (ipmptcp.c:334) +by 0x1174CB: do_cmd (ip.c:136) +by 0x116F7C: main (ip.c:324) + +Free the answer obtained from rtnl_talk(). + +Fixes: 7e0767cd862b ("add support for mptcp netlink interface") +Suggested-by: Ido Schimmel +Reviewed-by: Ido Schimmel +Signed-off-by: Benjamin Poirier +Signed-off-by: Stephen Hemminger +Conflict: adapt patch due to json_xxx conflict +Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=afdbb020 +--- +ip/ipmptcp.c | 1 + +1 file changed, 1 insertion(+) +diff --git a/ip/ipmptcp.c b/ip/ipmptcp.c +index fd042da..763908f 100644 +--- a/ip/ipmptcp.c ++++ b/ip/ipmptcp.c +@@ -299,7 +299,9 @@ static int mptcp_addr_show(int argc, char **argv) + if (rtnl_talk(&genl_rth, &req.n, &answer) < 0) + return -2; + +- return print_mptcp_addr(answer, stdout); ++ ret = print_mptcp_addr(answer, stdout); ++ free(answer); ++ return ret; + } + + static int mptcp_addr_flush(int argc, char **argv) diff --git a/backport-mptcp-Fix-memory-leak-when-getting-limits.patch b/backport-mptcp-Fix-memory-leak-when-getting-limits.patch new file mode 100644 index 0000000..e74540e --- /dev/null +++ b/backport-mptcp-Fix-memory-leak-when-getting-limits.patch @@ -0,0 +1,54 @@ +From 2cb76253ed852559a4f2b315f5e23457a15d71e5 Mon Sep 17 00:00:00 2001 +From: Benjamin Poirier +Date: Mon, 11 Jul 2022 08:52:53 +0900 +Subject: [PATCH] mptcp: Fix memory leak when getting limits + +When running the command `ip mptcp limits` under valgrind, it reports + +32,768 bytes in 1 blocks are definitely lost in loss record 1 of 1 + at 0x483F7B5: malloc (vg_replace_malloc.c:381) + by 0x17A0BC: rtnl_recvmsg (libnetlink.c:838) + by 0x17A3A1: __rtnl_talk_iov.constprop.0 (libnetlink.c:1040) + by 0x17B864: __rtnl_talk (libnetlink.c:1141) + by 0x17B864: rtnl_talk (libnetlink.c:1147) + by 0x16837D: mptcp_limit_get_set (ipmptcp.c:436) + by 0x1174CB: do_cmd (ip.c:136) + by 0x116F7C: main (ip.c:324) + +Free the answer obtained from rtnl_talk(). + +Fixes: 7e0767cd862b ("add support for mptcp netlink interface") +Suggested-by: Ido Schimmel +Reviewed-by: Ido Schimmel +Signed-off-by: Benjamin Poirier +Signed-off-by: Stephen Hemminger +Conflict: NA +Reference: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit?id=2cb76253 +--- + ip/ipmptcp.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/ip/ipmptcp.c b/ip/ipmptcp.c +index 54817e46..ce62ab9a 100644 +--- a/ip/ipmptcp.c ++++ b/ip/ipmptcp.c +@@ -436,9 +436,13 @@ static int mptcp_limit_get_set(int argc, char **argv, int cmd) + if (rtnl_talk(&genl_rth, &req.n, do_get ? &answer : NULL) < 0) + return -2; + +- if (do_get) +- return print_mptcp_limit(answer, stdout); +- return 0; ++ ret = 0; ++ if (do_get) { ++ ret = print_mptcp_limit(answer, stdout); ++ free(answer); ++ } ++ ++ return ret; + } + + static const char * const event_to_str[] = { +-- +2.23.0 + diff --git a/iproute.spec b/iproute.spec index 56ab69f..5f52be7 100644 --- a/iproute.spec +++ b/iproute.spec @@ -22,6 +22,12 @@ Patch6009: backport-tc-flower-Fix-buffer-overflow-on-large-labels.patch Patch6010: backport-tc_util-Fix-parsing-action-control-with-space-and-sl.patch Patch6011: backport-tipc-fix-keylen-check.patch +Patch6012: backport-bridge-Fix-memory-leak-when-doing-fdb-get.patch +Patch6013: backport-ip-address-Fix-memory-leak-when-specifying-device.patch +Patch6014: backport-ip-neigh-Fix-memory-leak-when-doing-get.patch +Patch6015: backport-mptcp-Fix-memory-leak-when-doing-endpoint-show.patch +Patch6016: backport-mptcp-Fix-memory-leak-when-getting-limits.patch + BuildRequires: gcc bison elfutils-libelf-devel flex iptables-devel BuildRequires: libmnl-devel libselinux-devel pkgconfig libbpf-devel Requires: libbpf psmisc @@ -89,11 +95,16 @@ install -m 0644 lib/libnetlink.a %{buildroot}%{_libdir}/libnetlink.a %{_mandir}/* %changelog -* Sat Oct 08 2022 jiangheng - 5.15.0-5 +* Mon Oct 10 2022 jiangheng - 5.15.0-5 - Type:bugfix - ID:NA - SUG:NA -- DESC:fix marco expansion in changelog +- DESC:bridge: fix memory leak when doing fdb get + mptcp: fix memory leak when doing 'endpoint show' + mptcp: fix memory leak when getting limits + ip neigh: fix memory leak when doing 'get' + ip address: fix memory leak when specifying device + fix marco expansion in changelog * Fri Aug 26 2022 sunsuwan - 5.15.0-4 - Type:bugfix