| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4e6ba1a8-be3b-fd22-e0b8-485d33bb51eb@cumulusnetworks.com>
Date: Tue, 2 Jun 2020 10:23:09 +0300
From: Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
To: David Miller <davem@...emloft.net>, patrickeigensatz@...il.com
Cc: dsahern@...nel.org, scan-admin@...erity.com, kuznet@....inr.ac.ru,
yoshfuji@...ux-ipv6.org, kuba@...nel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ipv4: nexthop: Fix deadcode issue by performing a proper
NULL check
On 01/06/2020 21:06, David Miller wrote:
> From: patrickeigensatz@...il.com
> Date: Mon, 1 Jun 2020 13:12:01 +0200
>
>> From: Patrick Eigensatz <patrickeigensatz@...il.com>
>>
>> After allocating the spare nexthop group it should be tested for kzalloc()
>> returning NULL, instead the already used nexthop group (which cannot be
>> NULL at this point) had been tested so far.
>>
>> Additionally, if kzalloc() fails, return ERR_PTR(-ENOMEM) instead of NULL.
>>
>> Coverity-id: 1463885
>> Reported-by: Coverity <scan-admin@...erity.com>
>> Signed-off-by: Patrick Eigensatz <patrickeigensatz@...il.com>
>
> Applied, thank you.
>
Hi Dave,
I see this patch in -net-next but it should've been in -net as I wrote in my
review[1]. This patch should go along with the recent nexthop set that fixes
a few bugs, since it could result in a null ptr deref if the spare group cannot
be allocated.
How would you like to proceed? Should it be submitted for -net as well?
Thanks,
Nik
[1] https://lkml.org/lkml/2020/6/1/391
Powered by blists - more mailing lists