| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 7 Dec 2022 17:11:12 -0800
From: Jesse Brandeburg <jesse.brandeburg@...el.com>
To: mkubecek@...e.cz
Cc: netdev@...r.kernel.org,
Jesse Brandeburg <jesse.brandeburg@...el.com>
Subject: [PATCH ethtool v2 03/13] ethtool: disallow passing null to find_option
After testing with this code in the debugger, it is technically possible
to pass a NULL argument to ethtool which then prods it to call strncmp
with a NULL value, which triggers this warning:
Description: Null pointer passed to 1st parameter expecting 'nonnull'
File: /git/ethtool/ethtool.c
Line: 6129
Since segfaults are bad, let's just add a check for NULL when parsing
the initial arguments. The other cases of a NULL option are seemingly
handled.
Fixes: 127f80691f96 ("Move argument parsing to sub-command functions")
Signed-off-by: Jesse Brandeburg <jesse.brandeburg@...el.com>
---
ethtool.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ethtool.c b/ethtool.c
index 3207e49137c4..a72577b32601 100644
--- a/ethtool.c
+++ b/ethtool.c
@@ -6389,7 +6389,7 @@ int main(int argc, char **argp)
* name to get settings for (which we don't expect to begin
* with '-').
*/
- if (argc == 0)
+ if (argc == 0 || *argp == NULL)
exit_bad_args();
k = find_option(*argp);
--
2.31.1
Powered by blists - more mailing lists