| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <5690115A.4070405@cogentembedded.com>
Date: Fri, 8 Jan 2016 22:43:22 +0300
From: Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
To: Baozeng Ding <sploving1@...il.com>, davem@...emloft.net,
herbert@...dor.apana.org.au, daniel@...earbox.net, tgraf@...g.ch,
pablo@...filter.org, chamaken@...il.com, nicolas.dichtel@...nd.com,
fw@...len.de
Cc: netdev@...r.kernel.org
Subject: Re: [PATCH] netlink: fix null pointer dereference on nlk->groups
Hello.
On 01/08/2016 08:46 AM, Baozeng Ding wrote:
> If groups is not 0 and nlk->groups is NULL, it will not return
> immediately and cause a null pointer dereference later.
>
> Signed-off-by: Baozeng Ding <sploving1@...il.com>
> ---
> net/netlink/af_netlink.c | 10 +++++++---
> 1 file changed, 7 insertions(+), 3 deletions(-)
>
> diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
> index 59651af..38efde0 100644
> --- a/net/netlink/af_netlink.c
> +++ b/net/netlink/af_netlink.c
[...]
> @@ -1576,14 +1577,17 @@ static int netlink_bind(struct socket *sock, struct sockaddr *addr,
> }
> }
>
> - if (!groups && (nlk->groups == NULL || !(u32)nlk->groups[0]))
> + if (nlk->groups == NULL)
'!nlk->groups' is preferred in the networking code.
[...]
MBR, Sergei
Powered by blists - more mailing lists