From: Simon Horman <horms@kernel.org>
To: Rand Deeb <rand.sec96@gmail.com>
Cc: voskresenski.stanislav@confident.ru,
lvc-project@linuxtesting.org, netdev@vger.kernel.org,
Jesse Brandeburg <jesse.brandeburg@intel.com>,
linux-kernel@vger.kernel.org,
Tony Nguyen <anthony.l.nguyen@intel.com>,
intel-wired-lan@lists.osuosl.org,
Jakub Kicinski <kuba@kernel.org>,
deeb.rand@confident.ru, "David S . Miller" <davem@davemloft.net>
Subject: Re: [Intel-wired-lan] [PATCH] net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
Date: Fri, 1 Mar 2024 15:26:21 +0000 [thread overview]
Message-ID: <20240301152621.GC403078@kernel.org> (raw)
In-Reply-To: <20240228155448.121603-1-rand.sec96@gmail.com>
On Wed, Feb 28, 2024 at 06:54:48PM +0300, Rand Deeb wrote:
> The function ice_bridge_setlink() may encounter a NULL pointer dereference
> if nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently
> in nla_for_each_nested(). To address this issue, add a check to ensure that
> br_spec is not NULL before proceeding with the nested attribute iteration.
>
> Signed-off-by: Rand Deeb <rand.sec96@gmail.com>
Thanks Rand,
I do wonder if for some reason this cannot ever occur.
But assuming it can then I agree with the fix.
Reviewed-by: Simon Horman <horms@kernel.org>
As a fix I think it probably warrants a fixes tag and
being applied to net. As such, the following seems appropriate.
Fixes: b1edc14a3fbf ("ice: Implement ice_bridge_getlink and ice_bridge_setlink")
...
WARNING: multiple messages have this Message-ID (diff)
From: Simon Horman <horms@kernel.org>
To: Rand Deeb <rand.sec96@gmail.com>
Cc: Jesse Brandeburg <jesse.brandeburg@intel.com>,
Tony Nguyen <anthony.l.nguyen@intel.com>,
"David S . Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>,
intel-wired-lan@lists.osuosl.org, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, deeb.rand@confident.ru,
lvc-project@linuxtesting.org,
voskresenski.stanislav@confident.ru
Subject: Re: [PATCH] net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()
Date: Fri, 1 Mar 2024 15:26:21 +0000 [thread overview]
Message-ID: <20240301152621.GC403078@kernel.org> (raw)
In-Reply-To: <20240228155448.121603-1-rand.sec96@gmail.com>
On Wed, Feb 28, 2024 at 06:54:48PM +0300, Rand Deeb wrote:
> The function ice_bridge_setlink() may encounter a NULL pointer dereference
> if nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently
> in nla_for_each_nested(). To address this issue, add a check to ensure that
> br_spec is not NULL before proceeding with the nested attribute iteration.
>
> Signed-off-by: Rand Deeb <rand.sec96@gmail.com>
Thanks Rand,
I do wonder if for some reason this cannot ever occur.
But assuming it can then I agree with the fix.
Reviewed-by: Simon Horman <horms@kernel.org>
As a fix I think it probably warrants a fixes tag and
being applied to net. As such, the following seems appropriate.
Fixes: b1edc14a3fbf ("ice: Implement ice_bridge_getlink and ice_bridge_setlink")
...
next prev parent reply other threads:[~2024-03-01 15:26 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-28 15:54 [Intel-wired-lan] [PATCH] net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() Rand Deeb
2024-02-28 15:54 ` Rand Deeb
2024-03-01 15:26 ` Simon Horman [this message]
2024-03-01 15:26 ` Simon Horman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240301152621.GC403078@kernel.org \
--to=horms@kernel.org \
--cc=anthony.l.nguyen@intel.com \
--cc=davem@davemloft.net \
--cc=deeb.rand@confident.ru \
--cc=intel-wired-lan@lists.osuosl.org \
--cc=jesse.brandeburg@intel.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lvc-project@linuxtesting.org \
--cc=netdev@vger.kernel.org \
--cc=rand.sec96@gmail.com \
--cc=voskresenski.stanislav@confident.ru \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.