| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1481858921.6603.5.camel@edumazet-glaptop3.roam.corp.google.com>
Date: Thu, 15 Dec 2016 19:28:41 -0800
From: Eric Dumazet <eric.dumazet@...il.com>
To: shakya.das@...sung.com
Cc: davem@...emloft.net, netdev@...r.kernel.org,
shakya89.das@...il.com, vidushi.koul@...sung.com
Subject: Re: [PATCH] net: ipv4: tcp_offload: check segs for NULL
On Thu, 2016-12-15 at 14:17 +0530, shakya.das@...sung.com wrote:
> From: Shakya Sundar Das <shakya.das@...sung.com>
>
> This patch will check segs for being NULL in tcp_gso_segment()
> before calling skb_shinfo(segs) from skb_is_gso(segs), otherwise
> kernel can run into a NULL-pointer dereference.
>
> Signed-off-by: Shakya Sundar Das <shakya.das@...sung.com>
> ---
> net/ipv4/tcp_offload.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/ipv4/tcp_offload.c b/net/ipv4/tcp_offload.c
> index bc68da3..93feefd 100644
> --- a/net/ipv4/tcp_offload.c
> +++ b/net/ipv4/tcp_offload.c
> @@ -96,7 +96,7 @@ struct sk_buff *tcp_gso_segment(struct sk_buff *skb,
> skb->ooo_okay = 0;
>
> segs = skb_segment(skb, features);
> - if (IS_ERR(segs))
> + if (IS_ERR_OR_NULL(segs))
> goto out;
>
> /* Only first segment might have ooo_okay set */
I do not see how this can ever happen.
How did you come up with this patch exactly ???
Powered by blists - more mailing lists