Message ID | 20210711111546.3695-1-alexander.mikhalitsyn@virtuozzo.com (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Stephen Hemminger |
Series | [iproute2] libnetlink: check error handler is present before a call |
Context | Check | Description |
---|---|---|
netdev/tree_selection | success | Not a local patch |
On 2021-07-11 2:15 PM, Alexander Mikhalitsyn wrote: > Fix nullptr dereference of errhndlr from rtnl_dump_filter_arg > struct in rtnl_dump_done and rtnl_dump_error functions. > > Fixes: 459ce6e3d792 ("ip route: ignore ENOENT during save if RT_TABLE_MAIN is being dumped") > Cc: Stephen Hemminger <stephen@networkplumber.org> > Cc: Roi Dayan <roid@nvidia.com> > Cc: Alexander Mikhalitsyn <alexander@mihalicyn.com> > Reported-by: Roi Dayan <roid@nvidia.com> > Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com> > --- > lib/libnetlink.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/lib/libnetlink.c b/lib/libnetlink.c > index e9b8c3bd..d068dbe2 100644 > --- a/lib/libnetlink.c > +++ b/lib/libnetlink.c > @@ -686,7 +686,7 @@ static int rtnl_dump_done(struct nlmsghdr *h, > if (len < 0) { > errno = -len; > > - if (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR) > + if (a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR)) > return 0; > > /* check for any messages returned from kernel */ > @@ -729,7 +729,7 @@ static int rtnl_dump_error(const struct rtnl_handle *rth, > errno == EOPNOTSUPP)) > return -1; > > - if (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_ERROR_NLERR) > + if (a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_ERROR_NLERR)) > return 0; > > if (!(rth->flags & RTNL_HANDLE_F_SUPPRESS_NLERR)) > that was quick. was about to send the exact same patch :) so tested as well. thanks! Reviewed-by: Roi Dayan <roid@nvidia.com>
On Sun, Jul 11, 2021 at 2:18 PM Roi Dayan <roid@nvidia.com> wrote: > > > > On 2021-07-11 2:15 PM, Alexander Mikhalitsyn wrote: > > Fix nullptr dereference of errhndlr from rtnl_dump_filter_arg > > struct in rtnl_dump_done and rtnl_dump_error functions. > > > > Fixes: 459ce6e3d792 ("ip route: ignore ENOENT during save if RT_TABLE_MAIN is being dumped") > > Cc: Stephen Hemminger <stephen@networkplumber.org> > > Cc: Roi Dayan <roid@nvidia.com> > > Cc: Alexander Mikhalitsyn <alexander@mihalicyn.com> > > Reported-by: Roi Dayan <roid@nvidia.com> > > Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com> > > --- > > lib/libnetlink.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/lib/libnetlink.c b/lib/libnetlink.c > > index e9b8c3bd..d068dbe2 100644 > > --- a/lib/libnetlink.c > > +++ b/lib/libnetlink.c > > @@ -686,7 +686,7 @@ static int rtnl_dump_done(struct nlmsghdr *h, > > if (len < 0) { > > errno = -len; > > > > - if (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR) > > + if (a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR)) > > return 0; > > > > /* check for any messages returned from kernel */ > > @@ -729,7 +729,7 @@ static int rtnl_dump_error(const struct rtnl_handle *rth, > > errno == EOPNOTSUPP)) > > return -1; > > > > - if (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_ERROR_NLERR) > > + if (a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_ERROR_NLERR)) > > return 0; > > > > if (!(rth->flags & RTNL_HANDLE_F_SUPPRESS_NLERR)) > > > > that was quick. was about to send the exact same patch :) > so tested as well. thanks! hah ;) Thanks for reporting and sorry that I've introduced the issue that affected you. > > Reviewed-by: Roi Dayan <roid@nvidia.com> > Thanks, Alex
diff --git a/lib/libnetlink.c b/lib/libnetlink.c index e9b8c3bd..d068dbe2 100644 --- a/lib/libnetlink.c +++ b/lib/libnetlink.c @@ -686,7 +686,7 @@ static int rtnl_dump_done(struct nlmsghdr *h, if (len < 0) { errno = -len; - if (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR) + if (a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR)) return 0; /* check for any messages returned from kernel */ @@ -729,7 +729,7 @@ static int rtnl_dump_error(const struct rtnl_handle *rth, errno == EOPNOTSUPP)) return -1; - if (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_ERROR_NLERR) + if (a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_ERROR_NLERR)) return 0; if (!(rth->flags & RTNL_HANDLE_F_SUPPRESS_NLERR))
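Review bot: The NULL guard in the rtnl_dump_done hunk is written out inline as `a->errhndlr && (a->errhndlr(h, a->arg2) & RTNL_SUPPRESS_NLMSG_DONE_NLERR)`, and the rtnl_dump_error hunk repeats the same pattern with a different flag, so every future call through errhndlr has to remember the check as well. Consider one static helper (name up to the author) that returns 0 when a->errhndlr is NULL and the handler's return value otherwise, and have both functions mask that result against their own RTNL_SUPPRESS_* flag. That keeps the NULL handling in a single place.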
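Review bot: Nothing in the rtnl_dump_error hunk documents that a NULL errhndlr is a supported value meaning "suppress nothing". With the guard in place, a NULL handler falls through to `if (!(rth->flags & RTNL_HANDLE_F_SUPPRESS_NLERR))`, which is a behaviour callers now rely on. A short comment at this call site, or on the errhndlr member of the rtnl_dump_filter_arg struct, stating that the handler is optional would make that contract explicit. The commit message would also benefit from naming the path that leaves errhndlr unset, since that is what triggered the report.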
Fix nullptr dereference of errhndlr from rtnl_dump_filter_arg struct in rtnl_dump_done and rtnl_dump_error functions. Fixes: 459ce6e3d792 ("ip route: ignore ENOENT during save if RT_TABLE_MAIN is being dumped") Cc: Stephen Hemminger <stephen@networkplumber.org> Cc: Roi Dayan <roid@nvidia.com> Cc: Alexander Mikhalitsyn <alexander@mihalicyn.com> Reported-by: Roi Dayan <roid@nvidia.com> Signed-off-by: Alexander Mikhalitsyn <alexander.mikhalitsyn@virtuozzo.com> --- lib/libnetlink.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)