Re: [PATCH] net: bridge: fix potential NULL pointer dereference
From: Gustavo A. R. Silva <hidden>
Date: 2017-06-06 03:19:14
Also in:
bridge
From: Gustavo A. R. Silva <hidden>
Date: 2017-06-06 03:19:14
Also in:
bridge
Hi Nikolay, Quoting Nikolay Aleksandrov [off-list ref]:
On 06/06/17 00:30, Gustavo A. R. Silva wrote:quoted
Add NULL check before dereferencing pointer _p_ inside br_afspec(). Addresses-Coverity-ID: 1401872 Signed-off-by: Gustavo A. R. Silva <redacted> --- net/bridge/br_netlink.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c index 1e63ec4..ad85a9c 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c@@ -776,7 +776,7 @@ int br_setlink(struct net_device *dev, structnlmsghdr *nlh, u16 flags) goto out; } - if (afspec) { + if (p && afspec) { err = br_afspec((struct net_bridge *)netdev_priv(dev), p, afspec, RTM_SETLINK); }While I see a possible issue with the new bridge tunnel code (+CC Roopa), this is the wrong fix because there are legitimate use cases where p is null and br_afspec is called. We need to change the p->flags check in br_afspec()'s IFLA_BRIDGE_VLAN_TUNNEL_INFO case to check for a NULL p first.
You're right. I got it.
Thanks for the report!
Sure thing, glad to help. Thank you!