diff mbox series

[net] macvlan: fix null pointer dereference in macvlan_changelink_sources()

Message ID 1609324695-1516-1-git-send-email-wangyunjian@huawei.com (mailing list archive)
State Changes Requested
Delegated to: Netdev Maintainers
Headers show
Series [net] macvlan: fix null pointer dereference in macvlan_changelink_sources() | expand

Checks

Context Check Description
netdev/cover_letter success Link
netdev/fixes_present success Link
netdev/patch_count success Link
netdev/tree_selection success Clearly marked for net
netdev/subject_prefix success Link
netdev/cc_maintainers warning 1 maintainers not CCed: michael-dev@fami-braun.de
netdev/source_inline success Was 0 now: 0
netdev/verify_signedoff success Link
netdev/module_param success Was 0 now: 0
netdev/build_32bit success Errors and warnings before: 0 this patch: 0
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/verify_fixes success Link
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 8 lines checked
netdev/build_allmodconfig_warn success Errors and warnings before: 0 this patch: 0
netdev/header_inline success Link
netdev/stable success Stable not CCed

Commit Message

wangyunjian Dec. 30, 2020, 10:38 a.m. UTC 
From: Yunjian Wang <wangyunjian@huawei.com>

Currently pointer data is dereferenced when declaring addr before
pointer data is null checked. This could lead to a null pointer
dereference. Fix this by checking if pointer data is null first.

Fixes: 79cf79abce71 ("macvlan: add source mode")
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
---
 drivers/net/macvlan.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Jakub Kicinski Jan. 4, 2021, 9:35 p.m. UTC | #1 
On Wed, 30 Dec 2020 18:38:15 +0800 wangyunjian wrote:
> From: Yunjian Wang <wangyunjian@huawei.com>
> 
> Currently pointer data is dereferenced when declaring addr before
> pointer data is null checked. This could lead to a null pointer
> dereference. Fix this by checking if pointer data is null first.
> 
> Fixes: 79cf79abce71 ("macvlan: add source mode")
> Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>

I don't see it. All calls to macvlan_changelink_sources() are under 
if (data) { ... } so data is never NULL. Looks like we should rather
clean up macvlan_changelink_sources() to not check data for
MACVLAN_MACADDR_SET. 

WDYT?
wangyunjian Jan. 5, 2021, 6:36 a.m. UTC | #2 
> -----Original Message-----
> From: Jakub Kicinski [mailto:kuba@kernel.org]
> Sent: Tuesday, January 5, 2021 5:35 AM
> To: wangyunjian <wangyunjian@huawei.com>
> Cc: netdev@vger.kernel.org; davem@davemloft.net; Lilijun (Jerry)
> <jerry.lilijun@huawei.com>; xudingke <xudingke@huawei.com>
> Subject: Re: [PATCH net] macvlan: fix null pointer dereference in
> macvlan_changelink_sources()
> 
> On Wed, 30 Dec 2020 18:38:15 +0800 wangyunjian wrote:
> > From: Yunjian Wang <wangyunjian@huawei.com>
> >
> > Currently pointer data is dereferenced when declaring addr before
> > pointer data is null checked. This could lead to a null pointer
> > dereference. Fix this by checking if pointer data is null first.
> >
> > Fixes: 79cf79abce71 ("macvlan: add source mode")
> > Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
> 
> I don't see it. All calls to macvlan_changelink_sources() are under
> if (data) { ... } so data is never NULL. Looks like we should rather
> clean up macvlan_changelink_sources() to not check data for
> MACVLAN_MACADDR_SET.
> 
> WDYT?

OK, thanks for your suggestion, will include them in next version.

Yunjian
diff mbox series

Patch

diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c
index fb51329f8964..e412fd6b6798 100644
--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
@@ -1356,7 +1356,7 @@  static int macvlan_changelink_sources(struct macvlan_dev *vlan, u32 mode,
 	struct nlattr *nla, *head;
 	struct macvlan_source_entry *entry;
 
-	if (data[IFLA_MACVLAN_MACADDR])
+	if (data && data[IFLA_MACVLAN_MACADDR])
 		addr = nla_data(data[IFLA_MACVLAN_MACADDR]);
 
 	if (mode == MACVLAN_MACADDR_ADD) {