netfilter: nf_queue: fix NF_STOLEN skb leak commit 3bc38712e3a6e059 (handle NF_STOP and unknown verdicts in nf_reinject) was a partial fix to packet leaks. If user asks NF_STOLEN status, we must free the skb as well. Reported-by: Afi Gjermund <afigjermund@gmail.com> Signed-off-by: Eric DUmazet <eric.dumazet@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>

commit: 64507fdbc29c3a622180378210ecea8659b14e40 [log] [tgz]
author: Eric Dumazet <eric.dumazet@gmail.com> Fri Feb 19 15:28:38 2010 +0100
committer: Patrick McHardy <kaber@trash.net> Fri Feb 19 15:28:38 2010 +0100
tree: c42d87f221405f3ba9553984c39178caae3aac26
parent: a88e22adf5aad79b6e2ddd1bf0109c2ba8b46b0e [diff]
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index 3a6fd77..ba095fd 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c

@@ -265,7 +265,6 @@
 		local_bh_disable();
 		entry->okfn(skb);
 		local_bh_enable();
-	case NF_STOLEN:
 		break;
 	case NF_QUEUE:
 		if (!__nf_queue(skb, elem, entry->pf, entry->hook,
@@ -273,6 +272,7 @@
 				verdict >> NF_VERDICT_BITS))
 			goto next_hook;
 		break;
+	case NF_STOLEN:
 	default:
 		kfree_skb(skb);
 	}
commit	64507fdbc29c3a622180378210ecea8659b14e40	[log] [tgz]
author	Eric Dumazet <eric.dumazet@gmail.com>	Fri Feb 19 15:28:38 2010 +0100
committer	Patrick McHardy <kaber@trash.net>	Fri Feb 19 15:28:38 2010 +0100
tree	c42d87f221405f3ba9553984c39178caae3aac26
parent	a88e22adf5aad79b6e2ddd1bf0109c2ba8b46b0e [diff]