On Tue, Dec 11, 2007 at 04:40:16AM -0800, David Miller wrote:
>
> I bet the __xfrm_lookup() callers could stand a major audit, with the
> special -EREMOTE logic I bet there are non-EREMOTE code paths there
> that don't handle the dst ref semantics properly.
>
> This is a very error prone interfac
From: Herbert Xu <[EMAIL PROTECTED]>
Date: Tue, 11 Dec 2007 20:07:29 +0800
> [IPSEC]: Fix potential dst leak in xfrm_lookup
>
> If we get an error during the actual policy lookup we don't free the
> original dst while the caller expects us to always free the original
Hi Dave:
This patch fixes a possible dst leak that has existed for years.
[IPSEC]: Fix potential dst leak in xfrm_lookup
If we get an error during the actual policy lookup we don't free the
original dst while the caller expects us to always free the original
dst in case of error.
This
