From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Miller Subject: Re: [PATCH net-next v2] bpf: fix verifier NULL pointer dereference Date: Fri, 03 Nov 2017 15:50:16 +0900 (KST) Message-ID: <20171103.155016.1716862120175860397.davem@davemloft.net> References: <20171102142119.13894-1-kraigatgoog@gmail.com> <20171102151801.24500-1-kraigatgoog@gmail.com> Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Cc: ast@fb.com, netdev@vger.kernel.org To: kraigatgoog@gmail.com Return-path: Received: from shards.monkeyblade.net ([184.105.139.130]:36686 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752309AbdKCGuT (ORCPT ); Fri, 3 Nov 2017 02:50:19 -0400 In-Reply-To: <20171102151801.24500-1-kraigatgoog@gmail.com> Sender: netdev-owner@vger.kernel.org List-ID: From: Craig Gallek Date: Thu, 2 Nov 2017 11:18:01 -0400 > From: Craig Gallek > > do_check() can fail early without allocating env->cur_state under > memory pressure. Syzkaller found the stack below on the linux-next > tree because of this. ... > Fixes: 638f5b90d460 ("bpf: reduce verifier memory consumption") > Fixes: 1969db47f8d0 ("bpf: fix verifier memory leaks") > Signed-off-by: Craig Gallek Applied, thanks Craig.