| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 21 Aug 2017 17:19:45 -0700 From: Stephen Hemminger <stephen@...workplumber.org> To: Phil Sutter <phil@....cc> Cc: netdev@...r.kernel.org Subject: Re: [iproute PATCH v3 2/5] nstat: Fix for potential NULL pointer dereference On Mon, 21 Aug 2017 12:03:05 +0200 Phil Sutter <phil@....cc> wrote: > If the string at 'p' contains neither space not newline, 'p' will become > NULL. Make sure this isn't the case before dereferencing it. > > Signed-off-by: Phil Sutter <phil@....cc> > --- > Changes since v2: > - Call abort() if 'p' becomes NULL. > --- > misc/nstat.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/misc/nstat.c b/misc/nstat.c > index a4dd405d43a93..56e9367e99736 100644 > --- a/misc/nstat.c > +++ b/misc/nstat.c > @@ -217,6 +217,8 @@ static void load_ugly_table(FILE *fp) > n->next = db; > db = n; > p = next; > + if (!p) > + abort(); > } > n = db; > if (fgets(buf, sizeof(buf), fp) == NULL) This doesn't do anything better than just dereferencing NULL. In either case program crashes with no useful information to user. Not applying this.
Powered by blists - more mailing lists