lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 14 Nov 2017 14:26:16 -0600
From:   "Gustavo A. R. Silva" <garsilva@...eddedor.com>
To:     Pravin Shelar <pshelar@...ira.com>,
        "David S. Miller" <davem@...emloft.net>
Cc:     netdev@...r.kernel.org, dev@...nvswitch.org,
        linux-kernel@...r.kernel.org,
        "Gustavo A. R. Silva" <garsilva@...eddedor.com>
Subject: [PATCH] openvswitch: meter: fix NULL pointer dereference in
 ovs_meter_cmd_reply_start

It seems that the intention of the code is to null check the value
returned by function genlmsg_put. But the current code is null
checking the address of the pointer that holds the value returned
by genlmsg_put.

Fix this by properly null checking the value returned by function
genlmsg_put in order to avoid a pontential null pointer dereference.

Addresses-Coverity-ID: 1461561 ("Dereference before null check")
Addresses-Coverity-ID: 1461562 ("Dereference null return value")
Fixes: 96fbc13d7e77 ("openvswitch: Add meter infrastructure")
Signed-off-by: Gustavo A. R. Silva <garsilva@...eddedor.com>
---
 net/openvswitch/meter.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/openvswitch/meter.c b/net/openvswitch/meter.c
index 2a5ba35..bc0b6fc 100644
--- a/net/openvswitch/meter.c
+++ b/net/openvswitch/meter.c
@@ -106,7 +106,7 @@ ovs_meter_cmd_reply_start(struct genl_info *info, u8 cmd,
 	*ovs_reply_header = genlmsg_put(skb, info->snd_portid,
 					info->snd_seq,
 					&dp_meter_genl_family, 0, cmd);
-	if (!ovs_reply_header) {
+	if (!*ovs_reply_header) {
 		nlmsg_free(skb);
 		return ERR_PTR(-EMSGSIZE);
 	}
-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ