| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <d4fac6b5-e392-b7a8-4287-ffa3aef79f4e@yandex-team.ru>
Date: Fri, 31 May 2019 11:41:35 +0300
From: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
To: Young Xiao <92siuyang@...il.com>, davem@...emloft.net,
dsahern@...il.com, roopa@...ulusnetworks.com, christian@...uner.io,
netdev@...r.kernel.org
Subject: Re: [PATCH] net/neighbour: fix potential null pointer deference
On 31.05.2019 11:29, Young Xiao wrote:
> There is a possible null pointer deference bugs in neigh_fill_info(),
> which is similar to the bug which was fixed in commit 6adc5fd6a142
> ("net/neighbour: fix crash at dumping device-agnostic proxy entries").
Have you seen this in real life?
I see nobody who could produce neighbour with null device pointer._
>
> Signed-off-by: Young Xiao <92siuyang@...il.com>
> ---
> net/core/neighbour.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/core/neighbour.c b/net/core/neighbour.c
> index dfa8710..33c3ff1 100644
> --- a/net/core/neighbour.c
> +++ b/net/core/neighbour.c
> @@ -2440,7 +2440,7 @@ static int neigh_fill_info(struct sk_buff *skb, struct neighbour *neigh,
> ndm->ndm_pad2 = 0;
> ndm->ndm_flags = neigh->flags;
> ndm->ndm_type = neigh->type;
> - ndm->ndm_ifindex = neigh->dev->ifindex;
> + ndm->ndm_ifindex = neigh->dev ? neigh->dev->ifindex : 0;
>
> if (nla_put(skb, NDA_DST, neigh->tbl->key_len, neigh->primary_key))
> goto nla_put_failure;
>
Powered by blists - more mailing lists