| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 May 2019 23:02:08 +0100
From: Colin King <colin.king@...onical.com>
To: Josef Bacik <josef@...icpanda.com>, Jens Axboe <axboe@...nel.dk>,
linux-block@...r.kernel.org, nbd@...er.debian.org
Cc: kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH] nbd: add null check on dev_list to avoid potential null pointer dereference
From: Colin Ian King <colin.king@...onical.com>
The call to nla_nest_start_noflag can return a null pointer and currently
this is not being checked and this can lead to a null pointer dereference
when the null pointer dev_list is passed to function nla_nest_end. Fix
this by adding in a null pointer check.
Addresses-Coverity: ("Dereference null return value")
Fixes: 47d902b90a32 ("nbd: add a status netlink command")
Signed-off-by: Colin Ian King <colin.king@...onical.com>
---
drivers/block/nbd.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
index 053958a8a2ba..ed263963e778 100644
--- a/drivers/block/nbd.c
+++ b/drivers/block/nbd.c
@@ -2117,6 +2117,10 @@ static int nbd_genl_status(struct sk_buff *skb, struct genl_info *info)
}
dev_list = nla_nest_start_noflag(reply, NBD_ATTR_DEVICE_LIST);
+ if (!dev_list) {
+ nlmsg_free(reply);
+ goto out;
+ }
if (index == -1) {
ret = idr_for_each(&nbd_index_idr, &status_cb, reply);
if (ret) {
--
2.20.1
Powered by blists - more mailing lists