| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <163393357512.20318.16433402434764020686.kvalo@codeaurora.org>
Date: Mon, 11 Oct 2021 06:26:19 +0000 (UTC)
From: Kalle Valo <kvalo@...eaurora.org>
To: Tuo Li <islituo@...il.com>
Cc: davem@...emloft.net, kuba@...nel.org,
linux-wireless@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, baijiaju1990@...il.com,
Tuo Li <islituo@...il.com>, TOTE Robot <oslab@...nghua.edu.cn>
Subject: Re: [PATCH] ath: dfs_pattern_detector: Fix possible null-pointer
dereference in channel_detector_create()
Tuo Li <islituo@...il.com> wrote:
> kzalloc() is used to allocate memory for cd->detectors, and if it fails,
> channel_detector_exit() behind the label fail will be called:
> channel_detector_exit(dpd, cd);
>
> In channel_detector_exit(), cd->detectors is dereferenced through:
> struct pri_detector *de = cd->detectors[i];
>
> To fix this possible null-pointer dereference, check cd->detectors before
> the for loop to dereference cd->detectors.
>
> Reported-by: TOTE Robot <oslab@...nghua.edu.cn>
> Signed-off-by: Tuo Li <islituo@...il.com>
> Signed-off-by: Kalle Valo <kvalo@...eaurora.org>
Patch applied to ath-next branch of ath.git, thanks.
4b6012a7830b ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create()
--
https://patchwork.kernel.org/project/linux-wireless/patch/20210805153854.154066-1-islituo@gmail.com/
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
Powered by blists - more mailing lists