lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20211208183608.27852c15@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
Date:   Wed, 8 Dec 2021 18:36:08 -0800
From:   Jakub Kicinski <kuba@...nel.org>
To:     Jiasheng Jiang <jiasheng@...as.ac.cn>
Cc:     jhs@...atatu.com, xiyou.wangcong@...il.com, jiri@...nulli.us,
        davem@...emloft.net, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: sched: gred: potential dereference of null pointer

On Thu,  9 Dec 2021 10:13:46 +0800 Jiasheng Jiang wrote:
> The return value of kzalloc() needs to be checked.
> To avoid use of null pointer in gred_change_vq() in case
> of the failure of alloc.
> 
> Fixes: 869aa41044b0 ("sch_gred: prefer GFP_KERNEL allocations")
> Signed-off-by: Jiasheng Jiang <jiasheng@...as.ac.cn>

I don't see how. Please explain in more detail. gred_change_vq() gets 
a pointer to a pointer and checks if its values is NULL.

> diff --git a/net/sched/sch_gred.c b/net/sched/sch_gred.c
> index f4132dc25ac0..c0d355281baf 100644
> --- a/net/sched/sch_gred.c
> +++ b/net/sched/sch_gred.c
> @@ -697,6 +697,8 @@ static int gred_change(struct Qdisc *sch, struct nlattr *opt,
>  	}
>  
>  	prealloc = kzalloc(sizeof(*prealloc), GFP_KERNEL);
> +	if (!prealloc)
> +		return -ENOMEM;
>  	sch_tree_lock(sch);
>  
>  	err = gred_change_vq(sch, ctl->DP, ctl, prio, stab, max_P, &prealloc,

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ