* [PATCH] batman-adv: fix potential NULL pointer dereferencing
@ 2014-09-22 9:11 Mario Pirker
2014-09-22 9:12 ` Antonio Quartulli
0 siblings, 1 reply; 2+ messages in thread
From: Mario Pirker @ 2014-09-22 9:11 UTC (permalink / raw)
To: mareklindner@neomailbox.ch, sw@simonwunderlich.de,
antonio@meshcoding.com, davem@davemloft.net
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org
>From b451e7317148e18bf6c5c8fd747d79ab34260354 Mon Sep 17 00:00:00 2001
From: Mario Pirker <mario.pirker@kellogg.ox.ac.uk>
Date: Tue, 16 Sep 2014 17:55:13 +0200
Subject: [PATCH] batman-adv: fix potential NULL pointer dereferencing
The call batadv_gw_node_get may return NULL. The return value has to
be sanity checked before the pointer is dereferenced.
Signed-off-by: Mario Pirker <mariopirker@hotmail.com>
---
net/batman-adv/gateway_client.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/batman-adv/gateway_client.c b/net/batman-adv/gateway_client.c
index 90cff58..7ee0913 100644
--- a/net/batman-adv/gateway_client.c
+++ b/net/batman-adv/gateway_client.c
@@ -810,6 +810,11 @@ bool batadv_gw_out_of_range(struct batadv_priv *bat_priv,
goto out;
gw_node = batadv_gw_node_get(bat_priv, orig_dst_node);
+
+ /* gw_node can be NULL. We need to check before dereferencing */
+ if (gw_node == NULL)
+ goto out;
+
if (!gw_node->bandwidth_down == 0)
goto out;
--
1.8.1.4
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] batman-adv: fix potential NULL pointer dereferencing
2014-09-22 9:11 [PATCH] batman-adv: fix potential NULL pointer dereferencing Mario Pirker
@ 2014-09-22 9:12 ` Antonio Quartulli
0 siblings, 0 replies; 2+ messages in thread
From: Antonio Quartulli @ 2014-09-22 9:12 UTC (permalink / raw)
To: mpirker, mareklindner@neomailbox.ch, sw@simonwunderlich.de,
davem@davemloft.net
Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org
[-- Attachment #1: Type: text/plain, Size: 1486 bytes --]
On 22/09/14 11:11, Mario Pirker wrote:
> From b451e7317148e18bf6c5c8fd747d79ab34260354 Mon Sep 17 00:00:00 2001
> From: Mario Pirker <mario.pirker@kellogg.ox.ac.uk>
> Date: Tue, 16 Sep 2014 17:55:13 +0200
> Subject: [PATCH] batman-adv: fix potential NULL pointer dereferencing
>
> The call batadv_gw_node_get may return NULL. The return value has to
> be sanity checked before the pointer is dereferenced.
>
> Signed-off-by: Mario Pirker <mariopirker@hotmail.com>
> ---
We already have a patch queued to fix this issue
(http://permalink.gmane.org/gmane.org.freifunk.batman/12357).
Actually it is not about a missing check but it is more about a typo in
the check right below the one you added.
Cheers,
> net/batman-adv/gateway_client.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/net/batman-adv/gateway_client.c b/net/batman-adv/gateway_client.c
> index 90cff58..7ee0913 100644
> --- a/net/batman-adv/gateway_client.c
> +++ b/net/batman-adv/gateway_client.c
> @@ -810,6 +810,11 @@ bool batadv_gw_out_of_range(struct batadv_priv *bat_priv,
> goto out;
>
> gw_node = batadv_gw_node_get(bat_priv, orig_dst_node);
> +
> + /* gw_node can be NULL. We need to check before dereferencing */
> + if (gw_node == NULL)
> + goto out;
> +
> if (!gw_node->bandwidth_down == 0)
> goto out;
>
> --
> 1.8.1.4
>
--
Antonio Quartulli
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-09-22 9:14 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-22 9:11 [PATCH] batman-adv: fix potential NULL pointer dereferencing Mario Pirker
2014-09-22 9:12 ` Antonio Quartulli
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).