| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180618085535.6A8F160B13@smtp.codeaurora.org>
Date: Mon, 18 Jun 2018 08:55:35 +0000 (UTC)
From: Kalle Valo <kvalo@...eaurora.org>
To: "Gustavo A. R. Silva" <gustavo@...eddedor.com>
Cc: Igor Mitsyanko <imitsyanko@...ntenna.com>,
Avinash Patil <avinashp@...ntenna.com>,
Sergey Matyukevich <smatyukevich@...ntenna.com>,
"David S. Miller" <davem@...emloft.net>,
linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org,
"Gustavo A. R. Silva" <gustavo@...eddedor.com>,
kernel-janitors@...r.kernel.org
Subject: Re: qtnfmac: fix NULL pointer dereference
"Gustavo A. R. Silva" <gustavo@...eddedor.com> wrote:
> In case *vif* is NULL at 655: if (!vif), the execution path jumps to
> label out, where *vif* is dereferenced at 679:
>
> if (vif->sta_state == QTNF_STA_CONNECTING)
>
> Fix this by immediately returning when *vif* is NULL instead of
> jumping to label out.
>
> Addresses-Coverity-ID: 1469567 ("Dereference after null check")
> Fixes: 480daa9cb62c ("qtnfmac: fix invalid STA state on EAPOL failure")
> Signed-off-by: Gustavo A. R. Silva <gustavo@...eddedor.com>
> Reviewed-by: Sergey Matyukevich <sergey.matyukevich.os@...nenna.com>
Patch applied to wireless-drivers.git, thanks.
c1e3f64f8738 qtnfmac: fix NULL pointer dereference
--
https://patchwork.kernel.org/patch/10443507/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
Powered by blists - more mailing lists