* [MPTCP] [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
@ 2020-11-09 12:52 ` Colin King
0 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2020-11-09 12:52 UTC (permalink / raw)
To: mptcp
[-- Attachment #1: Type: text/plain, Size: 1228 bytes --]
From: Colin Ian King <colin.king(a)canonical.com>
Currently the assignment of pointer net from the sock_net(sk) call
is potentially dereferencing a null pointer sk. sk points to the
same location as pointer msk and msk is being null checked after
the sock_net call. Fix this by calling sock_net after the null
check on pointer msk.
Addresses-Coverity: ("Dereference before null check")
Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
Signed-off-by: Colin Ian King <colin.king(a)canonical.com>
---
net/mptcp/pm_netlink.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index ed60538df7b2..e76879ea5a30 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -206,13 +206,15 @@ static void mptcp_pm_add_timer(struct timer_list *timer)
struct mptcp_pm_add_entry *entry = from_timer(entry, timer, add_timer);
struct mptcp_sock *msk = entry->sock;
struct sock *sk = (struct sock *)msk;
- struct net *net = sock_net(sk);
+ struct net *net;
pr_debug("msk=%p", msk);
if (!msk)
return;
+ net = sock_net(sk);
+
if (inet_sk_state_load(sk) == TCP_CLOSE)
return;
--
2.28.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
@ 2020-11-09 12:52 ` Colin King
0 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2020-11-09 12:52 UTC (permalink / raw)
To: Mat Martineau, Matthieu Baerts, David S . Miller, Jakub Kicinski,
Geliang Tang, Paolo Abeni, netdev, mptcp
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
Currently the assignment of pointer net from the sock_net(sk) call
is potentially dereferencing a null pointer sk. sk points to the
same location as pointer msk and msk is being null checked after
the sock_net call. Fix this by calling sock_net after the null
check on pointer msk.
Addresses-Coverity: ("Dereference before null check")
Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
net/mptcp/pm_netlink.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index ed60538df7b2..e76879ea5a30 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -206,13 +206,15 @@ static void mptcp_pm_add_timer(struct timer_list *timer)
struct mptcp_pm_add_entry *entry = from_timer(entry, timer, add_timer);
struct mptcp_sock *msk = entry->sock;
struct sock *sk = (struct sock *)msk;
- struct net *net = sock_net(sk);
+ struct net *net;
pr_debug("msk=%p", msk);
if (!msk)
return;
+ net = sock_net(sk);
+
if (inet_sk_state_load(sk) == TCP_CLOSE)
return;
--
2.28.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
@ 2020-11-09 12:52 ` Colin King
0 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2020-11-09 12:52 UTC (permalink / raw)
To: Mat Martineau, Matthieu Baerts, David S . Miller, Jakub Kicinski,
Geliang Tang, Paolo Abeni, netdev, mptcp
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
Currently the assignment of pointer net from the sock_net(sk) call
is potentially dereferencing a null pointer sk. sk points to the
same location as pointer msk and msk is being null checked after
the sock_net call. Fix this by calling sock_net after the null
check on pointer msk.
Addresses-Coverity: ("Dereference before null check")
Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
net/mptcp/pm_netlink.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index ed60538df7b2..e76879ea5a30 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -206,13 +206,15 @@ static void mptcp_pm_add_timer(struct timer_list *timer)
struct mptcp_pm_add_entry *entry = from_timer(entry, timer, add_timer);
struct mptcp_sock *msk = entry->sock;
struct sock *sk = (struct sock *)msk;
- struct net *net = sock_net(sk);
+ struct net *net;
pr_debug("msk=%p", msk);
if (!msk)
return;
+ net = sock_net(sk);
+
if (inet_sk_state_load(sk) = TCP_CLOSE)
return;
--
2.28.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [MPTCP] Re: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
2020-11-09 12:52 ` Colin King
(?)
@ 2020-11-11 18:49 ` Mat Martineau
-1 siblings, 0 replies; 9+ messages in thread
From: Mat Martineau @ 2020-11-11 18:49 UTC (permalink / raw)
To: mptcp
[-- Attachment #1: Type: text/plain, Size: 1097 bytes --]
On Mon, 9 Nov 2020, Colin King wrote:
> From: Colin Ian King <colin.king(a)canonical.com>
>
> Currently the assignment of pointer net from the sock_net(sk) call
> is potentially dereferencing a null pointer sk. sk points to the
> same location as pointer msk and msk is being null checked after
> the sock_net call. Fix this by calling sock_net after the null
> check on pointer msk.
>
> Addresses-Coverity: ("Dereference before null check")
> Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
> Signed-off-by: Colin Ian King <colin.king(a)canonical.com>
> ---
> net/mptcp/pm_netlink.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
Hi Colin and Jakub -
I noticed that the follow-up discussion on this patch didn't go to the
netdev list, so patchwork did not get updated.
This patch is superseded by the following, which already has a Reviewed-by
tag from Matthieu:
http://patchwork.ozlabs.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangtang(a)gmail.com/
Thanks!
--
Mat Martineau
Intel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
@ 2020-11-11 18:49 ` Mat Martineau
0 siblings, 0 replies; 9+ messages in thread
From: Mat Martineau @ 2020-11-11 18:49 UTC (permalink / raw)
To: Colin King, Jakub Kicinski
Cc: Matthieu Baerts, David S . Miller, Geliang Tang, Paolo Abeni,
netdev, mptcp, kernel-janitors, linux-kernel
On Mon, 9 Nov 2020, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> Currently the assignment of pointer net from the sock_net(sk) call
> is potentially dereferencing a null pointer sk. sk points to the
> same location as pointer msk and msk is being null checked after
> the sock_net call. Fix this by calling sock_net after the null
> check on pointer msk.
>
> Addresses-Coverity: ("Dereference before null check")
> Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
> net/mptcp/pm_netlink.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
Hi Colin and Jakub -
I noticed that the follow-up discussion on this patch didn't go to the
netdev list, so patchwork did not get updated.
This patch is superseded by the following, which already has a Reviewed-by
tag from Matthieu:
http://patchwork.ozlabs.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangtang@gmail.com/
Thanks!
--
Mat Martineau
Intel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
@ 2020-11-11 18:49 ` Mat Martineau
0 siblings, 0 replies; 9+ messages in thread
From: Mat Martineau @ 2020-11-11 18:49 UTC (permalink / raw)
To: Colin King, Jakub Kicinski
Cc: Matthieu Baerts, David S . Miller, Geliang Tang, Paolo Abeni,
netdev, mptcp, kernel-janitors, linux-kernel
On Mon, 9 Nov 2020, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> Currently the assignment of pointer net from the sock_net(sk) call
> is potentially dereferencing a null pointer sk. sk points to the
> same location as pointer msk and msk is being null checked after
> the sock_net call. Fix this by calling sock_net after the null
> check on pointer msk.
>
> Addresses-Coverity: ("Dereference before null check")
> Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
> net/mptcp/pm_netlink.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
Hi Colin and Jakub -
I noticed that the follow-up discussion on this patch didn't go to the
netdev list, so patchwork did not get updated.
This patch is superseded by the following, which already has a Reviewed-by
tag from Matthieu:
http://patchwork.ozlabs.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangtang@gmail.com/
Thanks!
--
Mat Martineau
Intel
^ permalink raw reply [flat|nested] 9+ messages in thread
* [MPTCP] Re: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
2020-11-11 18:49 ` Mat Martineau
(?)
@ 2020-11-11 19:23 ` Colin Ian King
-1 siblings, 0 replies; 9+ messages in thread
From: Colin Ian King @ 2020-11-11 19:23 UTC (permalink / raw)
To: mptcp
[-- Attachment #1: Type: text/plain, Size: 1267 bytes --]
On 11/11/2020 18:49, Mat Martineau wrote:
> On Mon, 9 Nov 2020, Colin King wrote:
>
>> From: Colin Ian King <colin.king(a)canonical.com>
>>
>> Currently the assignment of pointer net from the sock_net(sk) call
>> is potentially dereferencing a null pointer sk. sk points to the
>> same location as pointer msk and msk is being null checked after
>> the sock_net call. Fix this by calling sock_net after the null
>> check on pointer msk.
>>
>> Addresses-Coverity: ("Dereference before null check")
>> Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
>> Signed-off-by: Colin Ian King <colin.king(a)canonical.com>
>> ---
>> net/mptcp/pm_netlink.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>
> Hi Colin and Jakub -
>
> I noticed that the follow-up discussion on this patch didn't go to the
> netdev list, so patchwork did not get updated.
>
> This patch is superseded by the following, which already has a
> Reviewed-by tag from Matthieu:
>
> http://patchwork.ozlabs.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangtang(a)gmail.com/
>
>
OK, thanks for letting me know. Good to see it got fixed!
Colin
>
> Thanks!
>
> --
> Mat Martineau
> Intel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
@ 2020-11-11 19:23 ` Colin Ian King
0 siblings, 0 replies; 9+ messages in thread
From: Colin Ian King @ 2020-11-11 19:23 UTC (permalink / raw)
To: Mat Martineau, Jakub Kicinski
Cc: Matthieu Baerts, David S . Miller, Geliang Tang, Paolo Abeni,
netdev, mptcp, kernel-janitors, linux-kernel
On 11/11/2020 18:49, Mat Martineau wrote:
> On Mon, 9 Nov 2020, Colin King wrote:
>
>> From: Colin Ian King <colin.king@canonical.com>
>>
>> Currently the assignment of pointer net from the sock_net(sk) call
>> is potentially dereferencing a null pointer sk. sk points to the
>> same location as pointer msk and msk is being null checked after
>> the sock_net call. Fix this by calling sock_net after the null
>> check on pointer msk.
>>
>> Addresses-Coverity: ("Dereference before null check")
>> Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
>> Signed-off-by: Colin Ian King <colin.king@canonical.com>
>> ---
>> net/mptcp/pm_netlink.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>
> Hi Colin and Jakub -
>
> I noticed that the follow-up discussion on this patch didn't go to the
> netdev list, so patchwork did not get updated.
>
> This patch is superseded by the following, which already has a
> Reviewed-by tag from Matthieu:
>
> http://patchwork.ozlabs.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangtang@gmail.com/
>
>
OK, thanks for letting me know. Good to see it got fixed!
Colin
>
> Thanks!
>
> --
> Mat Martineau
> Intel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.
@ 2020-11-11 19:23 ` Colin Ian King
0 siblings, 0 replies; 9+ messages in thread
From: Colin Ian King @ 2020-11-11 19:23 UTC (permalink / raw)
To: Mat Martineau, Jakub Kicinski
Cc: Matthieu Baerts, David S . Miller, Geliang Tang, Paolo Abeni,
netdev, mptcp, kernel-janitors, linux-kernel
On 11/11/2020 18:49, Mat Martineau wrote:
> On Mon, 9 Nov 2020, Colin King wrote:
>
>> From: Colin Ian King <colin.king@canonical.com>
>>
>> Currently the assignment of pointer net from the sock_net(sk) call
>> is potentially dereferencing a null pointer sk. sk points to the
>> same location as pointer msk and msk is being null checked after
>> the sock_net call. Fix this by calling sock_net after the null
>> check on pointer msk.
>>
>> Addresses-Coverity: ("Dereference before null check")
>> Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
>> Signed-off-by: Colin Ian King <colin.king@canonical.com>
>> ---
>> net/mptcp/pm_netlink.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>
> Hi Colin and Jakub -
>
> I noticed that the follow-up discussion on this patch didn't go to the
> netdev list, so patchwork did not get updated.
>
> This patch is superseded by the following, which already has a
> Reviewed-by tag from Matthieu:
>
> http://patchwork.ozlabs.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangtang@gmail.com/
>
>
OK, thanks for letting me know. Good to see it got fixed!
Colin
>
> Thanks!
>
> --
> Mat Martineau
> Intel
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2020-11-11 19:24 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-09 12:52 [MPTCP] [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked Colin King
2020-11-09 12:52 ` Colin King
2020-11-09 12:52 ` Colin King
2020-11-11 18:49 [MPTCP] " Mat Martineau
2020-11-11 18:49 ` Mat Martineau
2020-11-11 18:49 ` Mat Martineau
2020-11-11 19:23 [MPTCP] " Colin Ian King
2020-11-11 19:23 ` Colin Ian King
2020-11-11 19:23 ` Colin Ian King
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.