Thread (6 messages) 6 messages, 4 authors, 2017-06-06

Re: [PATCH] net: bridge: fix potential NULL pointer dereference

From: Gustavo A. R. Silva <hidden>
Date: 2017-06-06 03:19:14
Also in: bridge

Hi Nikolay,

Quoting Nikolay Aleksandrov [off-list ref]:
On 06/06/17 00:30, Gustavo A. R. Silva wrote:
quoted
Add NULL check before dereferencing pointer _p_ inside br_afspec().

Addresses-Coverity-ID: 1401872
Signed-off-by: Gustavo A. R. Silva <redacted>
---
 net/bridge/br_netlink.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
index 1e63ec4..ad85a9c 100644
--- a/net/bridge/br_netlink.c
+++ b/net/bridge/br_netlink.c
@@ -776,7 +776,7 @@ int br_setlink(struct net_device *dev, struct  
nlmsghdr *nlh, u16 flags)
 			goto out;
 	}

-	if (afspec) {
+	if (p && afspec) {
 		err = br_afspec((struct net_bridge *)netdev_priv(dev), p,
 				afspec, RTM_SETLINK);
 	}
While I see a possible issue with the new bridge tunnel code (+CC  
Roopa), this is
the wrong fix because there are legitimate use cases where p is null  
and br_afspec
is called.
We need to change the p->flags check in br_afspec()'s  
IFLA_BRIDGE_VLAN_TUNNEL_INFO case
to check for a NULL p first.
You're right. I got it.
Thanks for the report!
Sure thing, glad to help.

Thank you!
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help