| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <56AA1FE3.6060201@cogentembedded.com>
Date: Thu, 28 Jan 2016 17:04:19 +0300
From: Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
To: Bernie Harris <bernie.harris@...iedtelesis.co.nz>,
netdev@...r.kernel.org
Cc: davem@...emloft.net, jhs@...atatu.com, stable@...r.kernel.org
Subject: Re: [PATCH] net_sched: drr: check for NULL pointer in drr_dequeue
Hello.
On 1/28/2016 6:30 AM, Bernie Harris wrote:
> There are cases where qdisc_dequeue_peeked can return NULL, and the result
> is dereferenced later on in the function.
>
> Similarly to the other qdisc dequeue functions, check whether the skb
> pointer is NULL and if it is, goto out.
>
> Signed-off-by: Bernie Harris <bernie.harris@...iedtelesis.co.nz>
> ---
> net/sched/sch_drr.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/net/sched/sch_drr.c b/net/sched/sch_drr.c
> index f26bdea..a1cd778 100644
> --- a/net/sched/sch_drr.c
> +++ b/net/sched/sch_drr.c
> @@ -403,6 +403,8 @@ static struct sk_buff *drr_dequeue(struct Qdisc *sch)
> if (len <= cl->deficit) {
> cl->deficit -= len;
> skb = qdisc_dequeue_peeked(cl->qdisc);
> + if (unlikely(skb == NULL))
!skb is preferred in the networking code. I think scripts/checkpatch.pl
should've warned you.
[...]
MBR, Sergei
Powered by blists - more mailing lists