Re: [PATCH RESEND] ptp: Fixes a null pointer dereference in ptp_ioctl

From: patchwork-bot+netdevbpf@kernel.org
Date: 2023-11-10 18:09:46
Also in: linux-kernel-mentees, lkml

Hello:

This patch was applied to netdev/net.git (main)
by David S. Miller [off-list ref]:

On Wed,  8 Nov 2023 02:18:36 +0530 you wrote:

Syzkaller found a null pointer dereference in ptp_ioctl
originating from the lack of a null check for tsevq.

general protection fault, probably for non-canonical
	address 0xdffffc000000020b: 0000 [#1] PREEMPT SMP KASAN
KASAN: probably user-memory-access in range
	[0x0000000000001058-0x000000000000105f]
CPU: 0 PID: 5053 Comm: syz-executor353 Not tainted
	6.6.0-syzkaller-10396-g4652b8e4f3ff #0
Hardware name: Google Google Compute Engine/Google Compute Engine,
	BIOS Google 10/09/2023
RIP: 0010:ptp_ioctl+0xcb7/0x1d10 drivers/ptp/ptp_chardev.c:476
...
Call Trace:
 <TASK>
 posix_clock_ioctl+0xf8/0x160 kernel/time/posix-clock.c:86
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:871 [inline]
 __se_sys_ioctl fs/ioctl.c:857 [inline]
 __x64_sys_ioctl+0x18f/0x210 fs/ioctl.c:857
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

[...]

Here is the summary with links:
  - [RESEND] ptp: Fixes a null pointer dereference in ptp_ioctl
    https://git.kernel.org/netdev/net/c/8a4f030dbced

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help