| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250326074355.24016-1-mowenroot@163.com>
Date: Wed, 26 Mar 2025 15:43:55 +0800
From: Debin Zhu <mowenroot@....com>
To: paul@...l-moore.com
Cc: linux-kernel@...r.kernel.org,
Debin Zhu <mowenroot@....com>,
Bitao Ouyang <1985755126@...com>
Subject: [PATCH] netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets
Added IPv6 socket checks in `calipso_sock_getattr`, `calipso_sock_setattr`,
and `calipso_sock_delattr` functions.
Return `-EAFNOSUPPORT` error code if the socket is not of the IPv6 type.
This fix prevents the IPv6 datagram code from
incorrectly calling the IPv4 datagram code,
thereby avoiding a NULL pointer exception.
Signed-off-by: Debin Zhu <mowenroot@....com>
Signed-off-by: Bitao Ouyang <1985755126@...com>
---
net/ipv6/calipso.c | 27 +++++++++++++++++++++------
1 file changed, 21 insertions(+), 6 deletions(-)
diff --git a/net/ipv6/calipso.c b/net/ipv6/calipso.c
index dbcea9fee..ef55e4176 100644
--- a/net/ipv6/calipso.c
+++ b/net/ipv6/calipso.c
@@ -1072,8 +1072,13 @@ static int calipso_sock_getattr(struct sock *sk,
struct ipv6_opt_hdr *hop;
int opt_len, len, ret_val = -ENOMSG, offset;
unsigned char *opt;
- struct ipv6_txoptions *txopts = txopt_get(inet6_sk(sk));
-
+ struct ipv6_pinfo *pinfo = inet6_sk(sk);
+ struct ipv6_txoptions *txopts;
+ /* Prevent IPv6 datagram code from calling IPv4 datagram code, causing pinet6 to be NULL */
+ if (!pinfo)
+ return -EAFNOSUPPORT;
+
+ txopts = txopt_get(pinfo);
if (!txopts || !txopts->hopopt)
goto done;
@@ -1125,8 +1130,13 @@ static int calipso_sock_setattr(struct sock *sk,
{
int ret_val;
struct ipv6_opt_hdr *old, *new;
- struct ipv6_txoptions *txopts = txopt_get(inet6_sk(sk));
-
+ struct ipv6_pinfo *pinfo = inet6_sk(sk);
+ struct ipv6_txoptions *txopts;
+ /* Prevent IPv6 datagram code from calling IPv4 datagram code, causing pinet6 to be NULL */
+ if (!pinfo)
+ return -EAFNOSUPPORT;
+
+ txopts = txopt_get(pinfo);
old = NULL;
if (txopts)
old = txopts->hopopt;
@@ -1153,8 +1163,13 @@ static int calipso_sock_setattr(struct sock *sk,
static void calipso_sock_delattr(struct sock *sk)
{
struct ipv6_opt_hdr *new_hop;
- struct ipv6_txoptions *txopts = txopt_get(inet6_sk(sk));
-
+ struct ipv6_pinfo *pinfo = inet6_sk(sk);
+ struct ipv6_txoptions *txopts;
+ /* Prevent IPv6 datagram code from calling IPv4 datagram code, causing pinet6 to be NULL */
+ if (!pinfo)
+ return -EAFNOSUPPORT;
+
+ txopts = txopt_get(pinfo);
if (!txopts || !txopts->hopopt)
goto done;
--
2.34.1
Powered by blists - more mailing lists