[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20230117154548.3403346-1-alok.a.tiwari@oracle.com>
Date: Tue, 17 Jan 2023 07:45:49 -0800
From: Alok Tiwari <alok.a.tiwari@...cle.com>
To: linux-kernel@...r.kernel.org, netfilter-devel@...r.kernel.org,
pablo@...filter.org
Cc: alok.a.tiwari@...cle.com, darren.kenny@...cle.com
Subject: [PATCH v2 6.1] netfilter: Null pointer dereference in nf_tables_updobj
static analyzer detect null pointer dereference case for 'type'
function __nft_obj_type_get() can return NULL value which require to handle
if type is NULL pointer return -ENOENT
Signed-off-by: Alok Tiwari <alok.a.tiwari@...cle.com>
---
net/netfilter/nf_tables_api.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 3ba8c291fcaa..dca5352bdf3d 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -6951,6 +6951,9 @@ static int nf_tables_newobj(struct sk_buff *skb, const struct nfnl_info *info,
return -EOPNOTSUPP;
type = __nft_obj_type_get(objtype);
+ if (WARN_ON_ONCE(!type))
+ return -ENOENT;
+
nft_ctx_init(&ctx, net, skb, info->nlh, family, table, NULL, nla);
return nf_tables_updobj(&ctx, type, nla[NFTA_OBJ_DATA], obj);
--
2.38.1
Powered by blists - more mailing lists