diff mbox series

[net-next] nfc: nci: fix possible NULL pointer dereference in send_acknowledge()

Message ID 20231013184129.18738-1-krzysztof.kozlowski@linaro.org (mailing list archive)
State Accepted
Commit 7937609cd387246aed994e81aa4fa951358fba41
Delegated to: Netdev Maintainers
Headers show
Series [net-next] nfc: nci: fix possible NULL pointer dereference in send_acknowledge() | expand

Checks

Context Check Description
netdev/series_format success Single patches do not need cover letters
netdev/tree_selection success Clearly marked for net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 1360 this patch: 1360
netdev/cc_maintainers success CCed 8 of 8 maintainers
netdev/build_clang success Errors and warnings before: 1385 this patch: 1385
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success Fixes tag looks correct
netdev/build_allmodconfig_warn success Errors and warnings before: 1385 this patch: 1385
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 8 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Krzysztof Kozlowski Oct. 13, 2023, 6:41 p.m. UTC 
Handle memory allocation failure from nci_skb_alloc() (calling
alloc_skb()) to avoid possible NULL pointer dereference.

Reported-by: 黄思聪 <huangsicong@iie.ac.cn>
Fixes: 391d8a2da787 ("NFC: Add NCI over SPI receive")
Cc: <stable@vger.kernel.org>
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
---
 net/nfc/nci/spi.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Simon Horman Oct. 16, 2023, 11:28 a.m. UTC | #1 
On Fri, Oct 13, 2023 at 08:41:29PM +0200, Krzysztof Kozlowski wrote:
> Handle memory allocation failure from nci_skb_alloc() (calling
> alloc_skb()) to avoid possible NULL pointer dereference.
> 
> Reported-by: 黄思聪 <huangsicong@iie.ac.cn>
> Fixes: 391d8a2da787 ("NFC: Add NCI over SPI receive")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>

Thanks,

I agree that nci_skb_alloc() may turn NULL and that this
is an appropriate way to handle that.

As an aside, I observe that the return value of send_acknowledge()
is not checked. But I don't think that affects the correctness of this
change.

Reviewed-by: Simon Horman <horms@kernel.org>
patchwork-bot+netdevbpf@kernel.org Oct. 17, 2023, 12:50 a.m. UTC | #2 
Hello:

This patch was applied to netdev/net.git (main)
by Jakub Kicinski <kuba@kernel.org>:

On Fri, 13 Oct 2023 20:41:29 +0200 you wrote:
> Handle memory allocation failure from nci_skb_alloc() (calling
> alloc_skb()) to avoid possible NULL pointer dereference.
> 
> Reported-by: 黄思聪 <huangsicong@iie.ac.cn>
> Fixes: 391d8a2da787 ("NFC: Add NCI over SPI receive")
> Cc: <stable@vger.kernel.org>
> Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
> 
> [...]

Here is the summary with links:
  - [net-next] nfc: nci: fix possible NULL pointer dereference in send_acknowledge()
    https://git.kernel.org/netdev/net/c/7937609cd387

You are awesome, thank you!
diff mbox series

Patch

diff --git a/net/nfc/nci/spi.c b/net/nfc/nci/spi.c
index 0935527d1d12..b68150c971d0 100644
--- a/net/nfc/nci/spi.c
+++ b/net/nfc/nci/spi.c
@@ -151,6 +151,8 @@  static int send_acknowledge(struct nci_spi *nspi, u8 acknowledge)
 	int ret;
 
 	skb = nci_skb_alloc(nspi->ndev, 0, GFP_KERNEL);
+	if (!skb)
+		return -ENOMEM;
 
 	/* add the NCI SPI header to the start of the buffer */
 	hdr = skb_push(skb, NCI_SPI_HDR_LEN);