| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180621162116.7f424648@xeon-e3>
Date: Thu, 21 Jun 2018 16:21:16 -0700
From: Stephen Hemminger <stephen@...workplumber.org>
To: David Miller <davem@...emloft.net>
Cc: garrmcnu@...il.com, netdev@...r.kernel.org, jiri@...nulli.us,
nikolay@...ulusnetworks.com, bridge@...ts.linux-foundation.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: bridge: fix potential null pointer dereference on
return from br_port_get_rtnl()
On Fri, 22 Jun 2018 07:20:56 +0900 (KST)
David Miller <davem@...emloft.net> wrote:
> From: Garry McNulty <garrmcnu@...il.com>
> Date: Thu, 21 Jun 2018 21:14:27 +0100
>
> > br_port_get_rtnl() can return NULL if the network device is not a bridge
> > port (IFF_BRIDGE_PORT flag not set). br_port_slave_changelink() and
> > br_port_fill_slave_info() callbacks dereference this pointer without
> > checking. Currently this is not a problem because slave devices always
> > set this flag. Add null check in case these conditions ever change.
> >
> > Detected by CoverityScan, CID 1339613 ("Dereference null return value")
> >
> > Signed-off-by: Garry McNulty <garrmcnu@...il.com>
>
> I don't think this is reasonable.
>
> The bridge code will never, ever, install a slave that doesn't have
> that bit set. It's the most fundamental aspect of how these objects
> are managed.
Agree with dave. Workarounds for static tools are ok if they don't introduce
other paths. But if your fix introduces another error path which can never
be reached, it is hurting not helping.
Powered by blists - more mailing lists