BPF Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH bpf] libbpf: fix potential NULL pointer dereference
@ 2021-04-08  5:20 Ciara Loftus
  2021-04-08 21:38 ` Daniel Borkmann
  0 siblings, 1 reply; 2+ messages in thread
From: Ciara Loftus @ 2021-04-08  5:20 UTC (permalink / raw)
  To: netdev, bpf, magnus.karlsson, bjorn, andrii.nakryiko, alexei.starovoitov
  Cc: Ciara Loftus

Wait until after the UMEM is checked for null to dereference it.

Fixes: 43f1bc1efff1 ("libbpf: Restore umem state after socket create failure")

Signed-off-by: Ciara Loftus <ciara.loftus@intel.com>
---
 tools/lib/bpf/xsk.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tools/lib/bpf/xsk.c b/tools/lib/bpf/xsk.c
index d24b5cc720ec..770040d1f893 100644
--- a/tools/lib/bpf/xsk.c
+++ b/tools/lib/bpf/xsk.c
@@ -858,12 +858,14 @@ int xsk_socket__create_shared(struct xsk_socket **xsk_ptr,
 	struct xsk_socket *xsk;
 	struct xsk_ctx *ctx;
 	int err, ifindex;
-	bool unmap = umem->fill_save != fill;
+	bool unmap;
 	bool rx_setup_done = false, tx_setup_done = false;
 
 	if (!umem || !xsk_ptr || !(rx || tx))
 		return -EFAULT;
 
+	unmap = umem->fill_save != fill;
+
 	xsk = calloc(1, sizeof(*xsk));
 	if (!xsk)
 		return -ENOMEM;
-- 
2.17.1


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [PATCH bpf] libbpf: fix potential NULL pointer dereference
  2021-04-08  5:20 [PATCH bpf] libbpf: fix potential NULL pointer dereference Ciara Loftus
@ 2021-04-08 21:38 ` Daniel Borkmann
  0 siblings, 0 replies; 2+ messages in thread
From: Daniel Borkmann @ 2021-04-08 21:38 UTC (permalink / raw)
  To: Ciara Loftus, netdev, bpf, magnus.karlsson, bjorn,
	andrii.nakryiko, alexei.starovoitov

On 4/8/21 7:20 AM, Ciara Loftus wrote:
> Wait until after the UMEM is checked for null to dereference it.
> 
> Fixes: 43f1bc1efff1 ("libbpf: Restore umem state after socket create failure")
> 
> Signed-off-by: Ciara Loftus <ciara.loftus@intel.com>

Applied, thanks!

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, back to index

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-08  5:20 [PATCH bpf] libbpf: fix potential NULL pointer dereference Ciara Loftus
2021-04-08 21:38 ` Daniel Borkmann

BPF Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/bpf/0 bpf/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 bpf bpf/ https://lore.kernel.org/bpf \
		bpf@vger.kernel.org
	public-inbox-index bpf

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.bpf


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git