| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20230124162347.48bdae92@kernel.org>
Date: Tue, 24 Jan 2023 16:23:47 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Vladimir Oltean <vladimir.oltean@....com>
Cc: netdev@...r.kernel.org, "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Paolo Abeni <pabeni@...hat.com>,
Michal Kubecek <mkubecek@...e.cz>
Subject: Re: [PATCH net-next] net: ethtool: fix NULL pointer dereference in
stats_prepare_data()
On Tue, 24 Jan 2023 13:08:01 +0200 Vladimir Oltean wrote:
> In the following call path:
>
> ethnl_default_dumpit
> -> ethnl_default_dump_one
> -> ctx->ops->prepare_data
> -> stats_prepare_data
>
> struct genl_info *info will be passed as NULL, and stats_prepare_data()
> dereferences it while getting the extended ack pointer.
>
> To avoid that, just set the extack to NULL if "info" is NULL, since the
> netlink extack handling messages know how to deal with that.
>
> The pattern "info ? info->extack : NULL" is present in quite a few other
> "prepare_data" implementations, so it's clear that it's a more general
> problem to be dealt with at a higher level, but the code should have at
> least adhered to the current conventions to avoid the NULL dereference.
Choose one:
- you disagree with my comment on the report
- you don't think that we should mix the immediate fix with the
structural change
- you agree but "don't have the time" to fix this properly
Powered by blists - more mailing lists