| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250516203509.259117-1-ant.v.moryakov@gmail.com>
Date: Fri, 16 May 2025 23:35:09 +0300
From: ant.v.moryakov@...il.com
To: netdev@...r.kernel.org
Cc: anton@...r.local,
AntonMoryakov <ant.v.moryakov@...il.com>
Subject: [PATCH] json_print: add NULL check before jsonw_string_field() in print_string()
From: AntonMoryakov <ant.v.moryakov@...il.com>
Static analyzer (Svace) reported a potential null pointer dereference
in print_string(). Specifically, when both 'key' and 'value' are NULL,
the function falls through to jsonw_string_field(_jw, key, value),
which dereferences both pointers.
Although comments suggest this case is unlikely, it is safer to
explicitly guard against it. This patch adds a check to ensure
both key and value are non-NULL before passing to jsonw_string_field().
This resolves:
DEREF_AFTER_NULL: json_print.c:142
Found by Svace static analysis tool.
Signed-off-by: Anton Moryakov <ant.v.moryakov@...il.com>
---
json_print.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/json_print.c b/json_print.c
index 4f62767..76e654b 100644
--- a/json_print.c
+++ b/json_print.c
@@ -138,13 +138,15 @@ void print_string(enum output_type type,
jsonw_name(_jw, key);
else if (!key && value)
jsonw_string(_jw, value);
- else
+ else if (key && value)
jsonw_string_field(_jw, key, value);
} else if (_IS_FP_CONTEXT(type)) {
- fprintf(stdout, fmt, value);
+ if (value) // защита fprintf
+ fprintf(stdout, fmt, value);
}
}
+
/*
* value's type is bool. When using this function in FP context you can't pass
* a value to it, you will need to use "is_json_context()" to have different
--
2.34.1
Powered by blists - more mailing lists