linux-kernel.vger.kernel.org archive mirror
* [PATCH] net: netlink: fix error check in genl_family_rcv_msg_doit
@ 2021-04-03 15:13 Pavel Skripkin
  2021-04-03 16:26 ` Johannes Berg
  0 siblings, 1 reply; 3+ messages in thread
From: Pavel Skripkin @ 2021-04-03 15:13 UTC (permalink / raw)
  To: davem, kuba, johannes.berg; +Cc: netdev, linux-kernel, Pavel Skripkin

genl_family_rcv_msg_attrs_parse() can return NULL
pointer:

	if (!ops->maxattr)
		return NULL;

But this condition doesn't cause an error in
genl_family_rcv_msg_doit

Signed-off-by: Pavel Skripkin <paskripkin@gmail.com>
---
 net/netlink/genetlink.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index 2d6fdf40df66..c06d06ead181 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -719,6 +719,8 @@ static int genl_family_rcv_msg_doit(const struct genl_family *family,
 						  GENL_DONT_VALIDATE_STRICT);
 	if (IS_ERR(attrbuf))
 		return PTR_ERR(attrbuf);
+	if (!attrbuf)
+		return -EINVAL;
 
 	info.snd_seq = nlh->nlmsg_seq;
 	info.snd_portid = NETLINK_CB(skb).portid;
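Review bot: The added !attrbuf check after IS_ERR(attrbuf) returns -EINVAL for exactly the case the commit message quotes, where genl_family_rcv_msg_attrs_parse() returns NULL because ops->maxattr is 0, so every doit op that leaves maxattr unset would fail before its handler is called. The commit message does not name any path that dereferences the NULL attrbuf; if a particular ->doit() handler reads attributes while its ops leave maxattr at 0, the fix belongs in that handler or its ops definition, and the commit message should identify it.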
-- 
2.30.2



* Re: [PATCH] net: netlink: fix error check in genl_family_rcv_msg_doit
  2021-04-03 15:13 [PATCH] net: netlink: fix error check in genl_family_rcv_msg_doit Pavel Skripkin
@ 2021-04-03 16:26 ` Johannes Berg
  2021-04-03 16:33   ` Pavel Skripkin
  0 siblings, 1 reply; 3+ messages in thread
From: Johannes Berg @ 2021-04-03 16:26 UTC (permalink / raw)
  To: Pavel Skripkin, davem, kuba; +Cc: netdev, linux-kernel

On Sat, 2021-04-03 at 15:13 +0000, Pavel Skripkin wrote:
> genl_family_rcv_msg_attrs_parse() can return NULL
> pointer:
> 
>         if (!ops->maxattr)
>                 return NULL;
> 
> But this condition doesn't cause an error in
> genl_family_rcv_msg_doit

And I'm almost certain that in fact it shouldn't cause an error!

If the family doesn't set maxattr then it doesn't want to have generic
netlink doing the parsing, but still it should be possible to call the
ops. Look at fs/dlm/netlink.c for example, it doesn't even have
attributes. You're breaking it with this patch.

Also, the (NULL) pointer is not actually _used_ anywhere, so why would
it matter?

johannes
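
The return convention described in the reply above, as a userspace C model added here (it is not kernel code and not part of the original thread): a parse step that yields an error pointer, NULL for "nothing to parse", or a buffer, and a dispatcher run with and without the patch's extra NULL check. All model_* names and the payload_ok and reject_null parameters are assumptions made for illustration.

```c
/* Userspace model of the convention; model_* names are hypothetical. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ERRNO 4095
static void *ERR_PTR(long e) { return (void *)e; }
static long PTR_ERR(const void *p) { return (long)p; }
static int IS_ERR(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }

struct model_ops {
    unsigned int maxattr;      /* 0: no generic parsing wanted */
    int (*doit)(void **attrs);
};

/* Three outcomes: ERR_PTR (failure), NULL (nothing to parse), buffer. */
static void **model_attrs_parse(const struct model_ops *ops, int payload_ok)
{
    void **buf;
    if (!ops->maxattr)
        return NULL;
    if (!payload_ok)
        return ERR_PTR(-EINVAL);
    buf = calloc(ops->maxattr + 1, sizeof(*buf));
    return buf ? buf : ERR_PTR(-ENOMEM);
}

/* reject_null = 1 models the extra check from the patch. */
static int model_rcv_doit(const struct model_ops *ops, int payload_ok, int reject_null)
{
    void **attrbuf = model_attrs_parse(ops, payload_ok);
    int err;
    if (IS_ERR(attrbuf))
        return (int)PTR_ERR(attrbuf);
    if (reject_null && !attrbuf)
        return -EINVAL;
    err = ops->doit(attrbuf);  /* NULL attrs when maxattr == 0 */
    free(attrbuf);             /* free(NULL) is a no-op */
    return err;
}

static int model_doit_noattrs(void **attrs) { (void)attrs; return 0; }
static int model_doit_needs_attrs(void **attrs) { return attrs ? 0 : -EINVAL; }
static const struct model_ops noattr_ops = { 0, model_doit_noattrs };
static const struct model_ops attr_ops = { 1, model_doit_needs_attrs };

int main(void) { printf("%d %d\n", model_rcv_doit(&noattr_ops, 1, 0), model_rcv_doit(&noattr_ops, 1, 1)); return 0; }
```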



* Re: [PATCH] net: netlink: fix error check in genl_family_rcv_msg_doit
  2021-04-03 16:26 ` Johannes Berg
@ 2021-04-03 16:33   ` Pavel Skripkin
  0 siblings, 0 replies; 3+ messages in thread
From: Pavel Skripkin @ 2021-04-03 16:33 UTC (permalink / raw)
  To: Johannes Berg, davem, kuba; +Cc: netdev, linux-kernel

Hi!

On Sat, 2021-04-03 at 18:26 +0200, Johannes Berg wrote:
> On Sat, 2021-04-03 at 15:13 +0000, Pavel Skripkin wrote:
> > genl_family_rcv_msg_attrs_parse() can return NULL
> > pointer:
> > 
> >         if (!ops->maxattr)
> >                 return NULL;
> > 
> > But this condition doesn't cause an error in
> > genl_family_rcv_msg_doit
> 
> And I'm almost certain that in fact it shouldn't cause an error!
> 
> If the family doesn't set maxattr then it doesn't want to have generic
> netlink doing the parsing, but still it should be possible to call the
> ops. Look at fs/dlm/netlink.c for example, it doesn't even have
> attributes. You're breaking it with this patch.
> 
> Also, the (NULL) pointer is not actually _used_ anywhere, so why would
> it matter?
> 

Oh, I see now. I thought it could cause a NULL ptr dereference in some
cases, because some ->doit() functions access info.attrs directly.
Now I understand the point, sorry for my misunderstanding of the
situation.

> johannes
> 

With regards,
Pavel Skripkin


