From f19ee6814076337841a4737c7412cc4d230e66f6 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 1 Nov 2018 20:21:26 +0900 Subject: [PATCH 1/6] network: fix segfault in manager_free() Fixes #10605. --- src/network/networkd-manager.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c index 7433be96ffb..9dcd9115358 100644 --- a/src/network/networkd-manager.c +++ b/src/network/networkd-manager.c @@ -1451,8 +1451,10 @@ void manager_free(Manager *m) { while ((pool = m->address_pools)) address_pool_free(pool); - set_free_with_destructor(m->rules, routing_policy_rule_free); - set_free_with_destructor(m->rules_foreign, routing_policy_rule_free); + /* routing_policy_rule_free() access m->rules and m->rules_foreign. + * So, it is necessary to set NULL after the sets are freed. */ + m->rules = set_free_with_destructor(m->rules, routing_policy_rule_free); + m->rules_foreign = set_free_with_destructor(m->rules_foreign, routing_policy_rule_free); set_free_with_destructor(m->rules_saved, routing_policy_rule_free); sd_event_unref(m->event); From 744faf5e4e64e26181f03d1d9fa292ce6fb1456a Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 1 Nov 2018 21:46:36 +0900 Subject: [PATCH 2/6] network: fix memleak in static prefix Fixes #10608. --- src/network/networkd-radv.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/network/networkd-radv.c b/src/network/networkd-radv.c index c7d6ac25587..9b393d82a07 100644 --- a/src/network/networkd-radv.c +++ b/src/network/networkd-radv.c @@ -92,9 +92,11 @@ void prefix_free(Prefix *prefix) { assert(prefix->network->n_static_prefixes > 0); prefix->network->n_static_prefixes--; - if (prefix->section) + if (prefix->section) { hashmap_remove(prefix->network->prefixes_by_section, prefix->section); + network_config_section_free(prefix->section); + } } prefix->radv_prefix = sd_radv_prefix_unref(prefix->radv_prefix); From a6276f0f3fd8d92397883f4b849f536fd1c991a6 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 1 Nov 2018 23:24:17 +0900 Subject: [PATCH 3/6] network: fix memleak in routing policy As set_put() may fail if input is duplicated. --- src/network/networkd-routing-policy-rule.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index 28a2a0fcbff..9ce3acd8076 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -257,8 +257,8 @@ static int routing_policy_rule_add_internal(Manager *m, rule->tos = tos; rule->fwmark = fwmark; rule->table = table; - rule->iif = TAKE_PTR(iif); - rule->oif = TAKE_PTR(oif); + rule->iif = iif; + rule->oif = oif; r = set_ensure_allocated(rules, &routing_policy_rule_hash_ops); if (r < 0) @@ -272,6 +272,7 @@ static int routing_policy_rule_add_internal(Manager *m, *ret = rule; rule = NULL; + iif = oif = NULL; return 0; } From e6b65ab76073338a620a0c425d4b17f2281c1eb0 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 1 Nov 2018 23:38:01 +0900 Subject: [PATCH 4/6] network: fix return value of routing_policy_rule_get() To distinguish source of rule. --- src/network/networkd-link.c | 2 +- src/network/networkd-routing-policy-rule.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c index 08ea7b41394..c4923980e39 100644 --- a/src/network/networkd-link.c +++ b/src/network/networkd-link.c @@ -785,7 +785,7 @@ static int link_set_routing_policy_rule(Link *link) { LIST_FOREACH(rules, rule, link->network->rules) { r = routing_policy_rule_get(link->manager, rule->family, &rule->from, rule->from_prefixlen, &rule->to, rule->to_prefixlen, rule->tos, rule->fwmark, rule->table, rule->iif, rule->oif, &rrule); - if (r == 1) { + if (r == 0) { (void) routing_policy_rule_make_local(link->manager, rrule); continue; } diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index 9ce3acd8076..508555e0997 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -188,7 +188,7 @@ int routing_policy_rule_get(Manager *m, if (existing) { if (ret) *ret = existing; - return 1; + return 0; } return -ENOENT; From 0d7febd002fbfcbc570339ff7465c66556d44f69 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 1 Nov 2018 23:40:56 +0900 Subject: [PATCH 5/6] network: fix hash function for routing policy rule --- src/network/networkd-routing-policy-rule.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index 508555e0997..02440cd2823 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -79,10 +79,10 @@ static void routing_policy_rule_hash_func(const void *b, struct siphash *state) siphash24_compress(&rule->table, sizeof(rule->table), state); if (rule->iif) - siphash24_compress(&rule->iif, strlen(rule->iif), state); + siphash24_compress(rule->iif, strlen(rule->iif), state); if (rule->oif) - siphash24_compress(&rule->oif, strlen(rule->oif), state); + siphash24_compress(rule->oif, strlen(rule->oif), state); break; default: From cb700a11d9887fc8352772a913ea69c549aab977 Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 1 Nov 2018 23:41:29 +0900 Subject: [PATCH 6/6] network: drop white space in log message --- src/network/networkd-routing-policy-rule.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/network/networkd-routing-policy-rule.c b/src/network/networkd-routing-policy-rule.c index 02440cd2823..739f9e6a5a2 100644 --- a/src/network/networkd-routing-policy-rule.c +++ b/src/network/networkd-routing-policy-rule.c @@ -550,7 +550,7 @@ int routing_policy_rule_configure(RoutingPolicyRule *rule, Link *link, sd_netlin r = routing_policy_rule_add(link->manager, rule->family, &rule->from, rule->from_prefixlen, &rule->to, rule->to_prefixlen, rule->tos, rule->fwmark, rule->table, rule->iif, rule->oif, NULL); if (r < 0) - return log_error_errno(r, "Could not add rule : %m"); + return log_error_errno(r, "Could not add rule: %m"); return 0; }