From: Paul Moore <paul.moore@hp.com>
To: Jesper Juhl <jesper.juhl@gmail.com>
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
David Miller <davem@davemloft.net>
Subject: Re: [PATCH][netlabel] Don't risk NULL ptr deref in netlbl_unlabel_staticlist_gen() if ifindex not found
Date: Wed, 16 Apr 2008 17:21:33 -0400 [thread overview]
Message-ID: <200804161721.33749.paul.moore@hp.com> (raw)
In-Reply-To: <alpine.LNX.1.00.0804162304220.9837@dragon.funnycrock.com>
On Wednesday 16 April 2008 5:08:58 pm Jesper Juhl wrote:
> Hi,
>
> dev_get_by_index() may return NULL if nothing is found. In
> net/netlabel/netlabel_unlabeled.c::netlbl_unlabel_staticlist_gen()
> the function is called, but the return value is never checked. If it
> returns NULL then we'll deref a NULL pointer on the very next line.
> I checked the callers, and I don't think this can actually happen
> today, but code changes over time and in the future it might happen
> and it does no harm to be defensive and check for the failure, so
> that if/when it happens we'll fail gracefully instead of crashing.
>
> Please consider the patch below for inclusion.
>
>
> Signed-off-by: Jesper Juhl <jesper.juhl@gmail.com>
I agree we should check for NULL here. I checked the return of
dev_get_by_index() in the rest of the file I must have just forgotten
to check it here.
Thanks for finding this and fixing it.
Acked-by: Paul Moore <paul.moore@hp.com>
>
> netlabel_unlabeled.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/net/netlabel/netlabel_unlabeled.c
> b/net/netlabel/netlabel_unlabeled.c index 4478f2f..6af9457 100644
> --- a/net/netlabel/netlabel_unlabeled.c
> +++ b/net/netlabel/netlabel_unlabeled.c
> @@ -1339,6 +1339,10 @@ static int netlbl_unlabel_staticlist_gen(u32
> cmd,
>
> if (iface->ifindex > 0) {
> dev = dev_get_by_index(&init_net, iface->ifindex);
> + if (!dev) {
> + ret_val = -ENODEV;
> + goto list_cb_failure;
> + }
> ret_val = nla_put_string(cb_arg->skb,
> NLBL_UNLABEL_A_IFACE, dev->name);
> dev_put(dev);
--
paul moore
linux @ hp
next prev parent reply other threads:[~2008-04-16 21:21 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-16 21:08 [PATCH][netlabel] Don't risk NULL ptr deref in netlbl_unlabel_staticlist_gen() if ifindex not found Jesper Juhl
2008-04-16 21:21 ` Paul Moore [this message]
2008-04-16 21:30 ` Jesper Juhl
2008-04-18 6:23 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200804161721.33749.paul.moore@hp.com \
--to=paul.moore@hp.com \
--cc=davem@davemloft.net \
--cc=jesper.juhl@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.