* [PATCH] xfrm: Fix possible error pointer dereference
@ 2008-07-03 8:48 Steffen Klassert
2008-07-03 9:04 ` Herbert Xu
0 siblings, 1 reply; 3+ messages in thread
From: Steffen Klassert @ 2008-07-03 8:48 UTC (permalink / raw)
To: David Miller, Herbert Xu; +Cc: netdev, klassert
Check for error befor dereferencing xdst in xfrm_bundle_create.
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
net/xfrm/xfrm_policy.c | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index cae9fd8..9fab591 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -1384,6 +1384,7 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
struct net_device *dev;
struct dst_entry *dst_prev = NULL;
struct dst_entry *dst0 = NULL;
+ struct dst_entry *dst1 = NULL;
int i = 0;
int err;
int header_len = 0;
@@ -1404,7 +1405,6 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
for (; i < nx; i++) {
struct xfrm_dst *xdst = xfrm_alloc_dst(family);
- struct dst_entry *dst1 = &xdst->u.dst;
err = PTR_ERR(xdst);
if (IS_ERR(xdst)) {
@@ -1412,6 +1412,8 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
goto put_states;
}
+ dst1 = &xdst->u.dst;
+
if (!dst_prev)
dst0 = dst1;
else {
--
1.5.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] xfrm: Fix possible error pointer dereference
2008-07-03 8:48 [PATCH] xfrm: Fix possible error pointer dereference Steffen Klassert
@ 2008-07-03 9:04 ` Herbert Xu
2008-07-03 13:18 ` Steffen Klassert
0 siblings, 1 reply; 3+ messages in thread
From: Herbert Xu @ 2008-07-03 9:04 UTC (permalink / raw)
To: Steffen Klassert; +Cc: David Miller, netdev, klassert
On Thu, Jul 03, 2008 at 10:48:36AM +0200, Steffen Klassert wrote:
> Check for error befor dereferencing xdst in xfrm_bundle_create.
>
> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
> ---
> net/xfrm/xfrm_policy.c | 4 +++-
> 1 files changed, 3 insertions(+), 1 deletions(-)
>
> diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
> index cae9fd8..9fab591 100644
> --- a/net/xfrm/xfrm_policy.c
> +++ b/net/xfrm/xfrm_policy.c
> @@ -1384,6 +1384,7 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
> struct net_device *dev;
> struct dst_entry *dst_prev = NULL;
> struct dst_entry *dst0 = NULL;
> + struct dst_entry *dst1 = NULL;
> int i = 0;
> int err;
> int header_len = 0;
> @@ -1404,7 +1405,6 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
>
> for (; i < nx; i++) {
> struct xfrm_dst *xdst = xfrm_alloc_dst(family);
> - struct dst_entry *dst1 = &xdst->u.dst;
Please check again, we're not dereferencing it here.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] xfrm: Fix possible error pointer dereference
2008-07-03 9:04 ` Herbert Xu
@ 2008-07-03 13:18 ` Steffen Klassert
0 siblings, 0 replies; 3+ messages in thread
From: Steffen Klassert @ 2008-07-03 13:18 UTC (permalink / raw)
To: Herbert Xu; +Cc: David Miller, netdev, klassert
On Thu, Jul 03, 2008 at 05:04:03PM +0800, Herbert Xu wrote:
>
> Please check again, we're not dereferencing it here.
>
Yes, we are just getting a pointer.
Sorry for the noise,
Steffen
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2008-07-03 13:55 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-07-03 8:48 [PATCH] xfrm: Fix possible error pointer dereference Steffen Klassert
2008-07-03 9:04 ` Herbert Xu
2008-07-03 13:18 ` Steffen Klassert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).