lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4e6ba1a8-be3b-fd22-e0b8-485d33bb51eb@cumulusnetworks.com>
Date:   Tue, 2 Jun 2020 10:23:09 +0300
From:   Nikolay Aleksandrov <nikolay@...ulusnetworks.com>
To:     David Miller <davem@...emloft.net>, patrickeigensatz@...il.com
Cc:     dsahern@...nel.org, scan-admin@...erity.com, kuznet@....inr.ac.ru,
        yoshfuji@...ux-ipv6.org, kuba@...nel.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ipv4: nexthop: Fix deadcode issue by performing a proper
 NULL check

On 01/06/2020 21:06, David Miller wrote:
> From: patrickeigensatz@...il.com
> Date: Mon,  1 Jun 2020 13:12:01 +0200
> 
>> From: Patrick Eigensatz <patrickeigensatz@...il.com>
>>
>> After allocating the spare nexthop group it should be tested for kzalloc()
>> returning NULL, instead the already used nexthop group (which cannot be
>> NULL at this point) had been tested so far.
>>
>> Additionally, if kzalloc() fails, return ERR_PTR(-ENOMEM) instead of NULL.
>>
>> Coverity-id: 1463885
>> Reported-by: Coverity <scan-admin@...erity.com>
>> Signed-off-by: Patrick Eigensatz <patrickeigensatz@...il.com>
> 
> Applied, thank you.
> 

Hi Dave,
I see this patch in -net-next but it should've been in -net as I wrote in my
review[1]. This patch should go along with the recent nexthop set that fixes
a few bugs, since it could result in a null ptr deref if the spare group cannot
be allocated.
How would you like to proceed? Should it be submitted for -net as well?

Thanks,
 Nik

[1] https://lkml.org/lkml/2020/6/1/391

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ