lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 9 Nov 2020 13:38:59 +0000
From:   Colin Ian King <colin.king@...onical.com>
To:     Kamil Alkhouri <kamil.alkhouri@...offenburg.de>,
        Kurt Kanzenbach <kurt@...utronix.de>,
        Richard Cochran <richardcochran@...il.com>,
        Jakub Kicinski <kuba@...nel.org>
Cc:     Andrew Lunn <andrew@...n.ch>,
        ivien Didelot <vivien.didelot@...il.com>,
        Florian Fainelli <f.fainelli@...il.com>,
        Vladimir Oltean <olteanv@...il.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "kernel-janitors@...r.kernel.org" <kernel-janitors@...r.kernel.org>
Subject: re: net: dsa: hellcreek: Add support for hardware timestamping

Hi

Static analysis on linux-next with Coverity has detected a potential
null pointer dereference issue on the following commit:

commit f0d4ba9eff75a79fccb7793f4d9f12303d458603
Author: Kamil Alkhouri <kamil.alkhouri@...offenburg.de>
Date:   Tue Nov 3 08:10:58 2020 +0100

    net: dsa: hellcreek: Add support for hardware timestamping

The analysis is as follows:

323                /* Get nanoseconds from ptp packet */
324                type = SKB_PTP_TYPE(skb);

   4. returned_null: ptp_parse_header returns NULL (checked 10 out of 12
times).
   5. var_assigned: Assigning: hdr = NULL return value from
ptp_parse_header.

325                hdr  = ptp_parse_header(skb, type);

   Dereference null return value (NULL_RETURNS)
   6. dereference: Dereferencing a pointer that might be NULL hdr when
calling hellcreek_get_reserved_field.

326                ns   = hellcreek_get_reserved_field(hdr);
327                hellcreek_clear_reserved_field(hdr);

This issue can only occur if the type & PTP_CLASS_PMASK is not one of
PTP_CLASS_IPV4, PTP_CLASS_IPV6 or PTP_CLASS_L2.  I'm not sure if this is
a possibility or not, but I'm assuming that it would be useful to
perform the null check just in case, but I'm not sure how this affects
the hw timestamping code in this function.

Colin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ