All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH net-next] tipc: check nl sock before parsing nested attributes
@ 2016-05-16  9:14 Richard Alpe
  2016-05-16 14:06 ` [tipc-discussion] " Jon Maloy
  2016-05-17  1:59 ` David Miller
  0 siblings, 2 replies; 4+ messages in thread
From: Richard Alpe @ 2016-05-16  9:14 UTC (permalink / raw)
  To: netdev; +Cc: sploving1, tipc-discussion, eric.dumazet

Make sure the socket for which the user is listing publication exists
before parsing the socket netlink attributes.

Prior to this patch a call without any socket caused a NULL pointer
dereference in tipc_nl_publ_dump().

Tested-and-reported-by: Baozeng Ding <sploving1@gmail.com>
Signed-off-by: Richard Alpe <richard.alpe@ericsson.com>
---
 net/tipc/socket.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/tipc/socket.c b/net/tipc/socket.c
index 1262889..3b7a799 100644
--- a/net/tipc/socket.c
+++ b/net/tipc/socket.c
@@ -2853,6 +2853,9 @@ int tipc_nl_publ_dump(struct sk_buff *skb, struct netlink_callback *cb)
 		if (err)
 			return err;
 
+		if (!attrs[TIPC_NLA_SOCK])
+			return -EINVAL;
+
 		err = nla_parse_nested(sock, TIPC_NLA_SOCK_MAX,
 				       attrs[TIPC_NLA_SOCK],
 				       tipc_nl_sock_policy);
-- 
2.1.4


------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* RE: [tipc-discussion] [PATCH net-next] tipc: check nl sock before parsing nested attributes
  2016-05-16  9:14 [PATCH net-next] tipc: check nl sock before parsing nested attributes Richard Alpe
@ 2016-05-16 14:06 ` Jon Maloy
  2016-05-16 15:07   ` Eric Dumazet
  2016-05-17  1:59 ` David Miller
  1 sibling, 1 reply; 4+ messages in thread
From: Jon Maloy @ 2016-05-16 14:06 UTC (permalink / raw)
  To: Richard Alpe, netdev; +Cc: sploving1, tipc-discussion, eric.dumazet

This is a serious bug, so it should be posted to net, not net-next.

Otherwise,
Acked-by: Jon Maloy <jon.maloy@ericsson.cm>

///jon

> -----Original Message-----
> From: Richard Alpe [mailto:richard.alpe@ericsson.com]
> Sent: Monday, 16 May, 2016 05:15
> To: netdev@vger.kernel.org
> Cc: sploving1@gmail.com; tipc-discussion@lists.sourceforge.net;
> eric.dumazet@gmail.com
> Subject: [tipc-discussion] [PATCH net-next] tipc: check nl sock before parsing
> nested attributes
> 
> Make sure the socket for which the user is listing publication exists
> before parsing the socket netlink attributes.
> 
> Prior to this patch a call without any socket caused a NULL pointer
> dereference in tipc_nl_publ_dump().
> 
> Tested-and-reported-by: Baozeng Ding <sploving1@gmail.com>
> Signed-off-by: Richard Alpe <richard.alpe@ericsson.com>
> ---
>  net/tipc/socket.c | 3 +++
>  1 file changed, 3 insertions(+)
> 
> diff --git a/net/tipc/socket.c b/net/tipc/socket.c
> index 1262889..3b7a799 100644
> --- a/net/tipc/socket.c
> +++ b/net/tipc/socket.c
> @@ -2853,6 +2853,9 @@ int tipc_nl_publ_dump(struct sk_buff *skb, struct
> netlink_callback *cb)
>  		if (err)
>  			return err;
> 
> +		if (!attrs[TIPC_NLA_SOCK])
> +			return -EINVAL;
> +
>  		err = nla_parse_nested(sock, TIPC_NLA_SOCK_MAX,
>  				       attrs[TIPC_NLA_SOCK],
>  				       tipc_nl_sock_policy);
> --
> 2.1.4
> 
> 
> ------------------------------------------------------------------------------
> Mobile security can be enabling, not merely restricting. Employees who
> bring their own devices (BYOD) to work are irked by the imposition of MDM
> restrictions. Mobile Device Manager Plus allows you to control only the
> apps on BYO-devices by containerizing them, leaving personal data untouched!
> https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
> _______________________________________________
> tipc-discussion mailing list
> tipc-discussion@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tipc-discussion

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [tipc-discussion] [PATCH net-next] tipc: check nl sock before parsing nested attributes
  2016-05-16 14:06 ` [tipc-discussion] " Jon Maloy
@ 2016-05-16 15:07   ` Eric Dumazet
  0 siblings, 0 replies; 4+ messages in thread
From: Eric Dumazet @ 2016-05-16 15:07 UTC (permalink / raw)
  To: Jon Maloy; +Cc: Richard Alpe, netdev, sploving1, tipc-discussion

On Mon, 2016-05-16 at 14:06 +0000, Jon Maloy wrote:
> This is a serious bug, so it should be posted to net, not net-next.
> 
> Otherwise,
> Acked-by: Jon Maloy <jon.maloy@ericsson.cm>

Well, linux-4.6 is out, so it does not really matter.

Next push from David will use his net-next tree.

Thanks.

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [PATCH net-next] tipc: check nl sock before parsing nested attributes
  2016-05-16  9:14 [PATCH net-next] tipc: check nl sock before parsing nested attributes Richard Alpe
  2016-05-16 14:06 ` [tipc-discussion] " Jon Maloy
@ 2016-05-17  1:59 ` David Miller
  1 sibling, 0 replies; 4+ messages in thread
From: David Miller @ 2016-05-17  1:59 UTC (permalink / raw)
  To: richard.alpe; +Cc: netdev, tipc-discussion, eric.dumazet, sploving1

From: Richard Alpe <richard.alpe@ericsson.com>
Date: Mon, 16 May 2016 11:14:54 +0200

> Make sure the socket for which the user is listing publication exists
> before parsing the socket netlink attributes.
> 
> Prior to this patch a call without any socket caused a NULL pointer
> dereference in tipc_nl_publ_dump().
> 
> Tested-and-reported-by: Baozeng Ding <sploving1@gmail.com>
> Signed-off-by: Richard Alpe <richard.alpe@ericsson.com>

Applied and queued up for -stable.

------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-05-17  1:59 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-05-16  9:14 [PATCH net-next] tipc: check nl sock before parsing nested attributes Richard Alpe
2016-05-16 14:06 ` [tipc-discussion] " Jon Maloy
2016-05-16 15:07   ` Eric Dumazet
2016-05-17  1:59 ` David Miller

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.