lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Tue, 5 Jan 2021 06:36:04 +0000
From:   wangyunjian <wangyunjian@...wei.com>
To:     Jakub Kicinski <kuba@...nel.org>
CC:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "Lilijun (Jerry)" <jerry.lilijun@...wei.com>,
        xudingke <xudingke@...wei.com>
Subject: RE: [PATCH net] macvlan: fix null pointer dereference in
 macvlan_changelink_sources()

> -----Original Message-----
> From: Jakub Kicinski [mailto:kuba@...nel.org]
> Sent: Tuesday, January 5, 2021 5:35 AM
> To: wangyunjian <wangyunjian@...wei.com>
> Cc: netdev@...r.kernel.org; davem@...emloft.net; Lilijun (Jerry)
> <jerry.lilijun@...wei.com>; xudingke <xudingke@...wei.com>
> Subject: Re: [PATCH net] macvlan: fix null pointer dereference in
> macvlan_changelink_sources()
> 
> On Wed, 30 Dec 2020 18:38:15 +0800 wangyunjian wrote:
> > From: Yunjian Wang <wangyunjian@...wei.com>
> >
> > Currently pointer data is dereferenced when declaring addr before
> > pointer data is null checked. This could lead to a null pointer
> > dereference. Fix this by checking if pointer data is null first.
> >
> > Fixes: 79cf79abce71 ("macvlan: add source mode")
> > Signed-off-by: Yunjian Wang <wangyunjian@...wei.com>
> 
> I don't see it. All calls to macvlan_changelink_sources() are under
> if (data) { ... } so data is never NULL. Looks like we should rather
> clean up macvlan_changelink_sources() to not check data for
> MACVLAN_MACADDR_SET.
> 
> WDYT?

OK, thanks for your suggestion, will include them in next version.

Yunjian

Powered by blists - more mailing lists