| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1308b92b9592f6a3331b199658e306714c8c9cac.camel@gmail.com>
Date: Sat, 03 Apr 2021 19:33:24 +0300
From: Pavel Skripkin <paskripkin@...il.com>
To: Johannes Berg <johannes@...solutions.net>,
"davem@...emloft.net" <davem@...emloft.net>,
"kuba@...nel.org" <kuba@...nel.org>
Cc: "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] net: netlink: fix error check in
genl_family_rcv_msg_doit
Hi!
On Sat, 2021-04-03 at 18:26 +0200, Johannes Berg wrote:
> On Sat, 2021-04-03 at 15:13 +0000, Pavel Skripkin wrote:
> > genl_family_rcv_msg_attrs_parse() can return NULL
> > pointer:
> >
> > if (!ops->maxattr)
> > return NULL;
> >
> > But this condition doesn't cause an error in
> > genl_family_rcv_msg_doit
>
> And I'm almost certain that in fact it shouldn't cause an error!
>
> If the family doesn't set maxattr then it doesn't want to have
> generic
> netlink doing the parsing, but still it should be possible to call
> the
> ops. Look at fs/dlm/netlink.c for example, it doesn't even have
> attributes. You're breaking it with this patch.
>
> Also, the (NULL) pointer is not actually _used_ anywhere, so why
> would
> it matter?
>
Oh, I see now. I thought, it could cause a NULL ptr deference in some
cases, because some ->doit() functions accessing info.attrs directly.
Now I understand the point, sorry for my misunderstanding the
situation.
> johannes
>
With regards,
Pavel Skripkin
Powered by blists - more mailing lists