| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250518131818.972039-1-ant.v.moryakov@gmail.com> Date: Sun, 18 May 2025 16:18:18 +0300 From: ant.v.moryakov@...il.com To: mkubecek@...e.cz Cc: netdev@...r.kernel.org, AntonMoryakov <ant.v.moryakov@...il.com> Subject: [PATCH] fec: fix possible NULL dereference in fec_mode_walk() From: AntonMoryakov <ant.v.moryakov@...il.com> Static analyzer (Svace) reported a possible null pointer dereference in fec_mode_walk(), where the 'name' pointer is passed to print_string() without checking for NULL. Although some callers check the return value of get_string(), others (e.g., walk_bitset()) do not. This patch adds an early NULL check to avoid dereferencing a null pointer. This resolves: DEREF_OF_NULL.EX.COND: json_print.c:142 via fec.c Found by Svace static analysis tool. Signed-off-by: Anton Moryakov <ant.v.moryakov@...il.com> --- netlink/fec.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/netlink/fec.c b/netlink/fec.c index 6027dc0..ed100d7 100644 --- a/netlink/fec.c +++ b/netlink/fec.c @@ -27,6 +27,8 @@ fec_mode_walk(unsigned int idx, const char *name, bool val, void *data) if (!val) return; + if (!name) + return; if (empty) *empty = false; -- 2.34.1
Powered by blists - more mailing lists