ipv6: fix a refcnt leak with peer addr

There is no reason to take a refcnt before deleting the peer address route.
It's done some lines below for the local prefix route because
inet6_ifa_finish_destroy() will release it at the end.
For the peer address route, we want to free it right now.

This bug has been introduced by commit
caeaba7900 ("ipv6: add support of peer address").

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Nicolas Dichtel 2014-09-03 23:59:21 +02:00 committed by David S. Miller
parent c199105d15
commit f24062b07d

View file

@ -4772,11 +4772,8 @@ static void __ipv6_ifa_notify(int event, struct inet6_ifaddr *ifp)
rt = rt6_lookup(dev_net(dev), &ifp->peer_addr, NULL,
dev->ifindex, 1);
if (rt) {
dst_hold(&rt->dst);
if (ip6_del_rt(rt))
dst_free(&rt->dst);
}
if (rt && ip6_del_rt(rt))
dst_free(&rt->dst);
}
dst_hold(&ifp->rt->dst);