| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20201219125346.242208399@linuxfoundation.org>
Date: Sat, 19 Dec 2020 13:58:36 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
stable@...r.kernel.org, Cengiz Can <cengiz@...nel.wtf>,
"David S. Miller" <davem@...emloft.net>
Subject: [PATCH 5.9 32/49] net: tipc: prevent possible null deref of link
From: Cengiz Can <cengiz@...nel.wtf>
[ Upstream commit 0398ba9e5a4b5675aa571e0445689d3c2e499c2d ]
`tipc_node_apply_property` does a null check on a `tipc_link_entry`
pointer but also accesses the same pointer out of the null check block.
This triggers a warning on Coverity Static Analyzer because we're
implying that `e->link` can BE null.
Move "Update MTU for node link entry" line into if block to make sure
that we're not in a state that `e->link` is null.
Signed-off-by: Cengiz Can <cengiz@...nel.wtf>
Signed-off-by: David S. Miller <davem@...emloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
---
net/tipc/node.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--- a/net/tipc/node.c
+++ b/net/tipc/node.c
@@ -2170,9 +2170,11 @@ void tipc_node_apply_property(struct net
&xmitq);
else if (prop == TIPC_NLA_PROP_MTU)
tipc_link_set_mtu(e->link, b->mtu);
+
+ /* Update MTU for node link entry */
+ e->mtu = tipc_link_mss(e->link);
}
- /* Update MTU for node link entry */
- e->mtu = tipc_link_mss(e->link);
+
tipc_node_write_unlock(n);
tipc_bearer_xmit(net, bearer_id, &xmitq, &e->maddr, NULL);
}
Powered by blists - more mailing lists