linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Red Hat Product Security <secalert@redhat.com>
To: navid.emamdoost@gmail.com
Cc: axboe@kernel.dk, emamd001@umn.edu, josef@toxicpanda.com,
	kjlu@umn.edu, linux-block@vger.kernel.org,
	linux-kernel@vger.kernel.org, nbd@other.debian.org,
	smccaman@umn.edu
Subject: [engineering.redhat.com #494735] Re: [PATCH] nbd_genl_status: null check for nla_nest_start
Date: Tue, 30 Jul 2019 01:52:01 -0400	[thread overview]
Message-ID: <rt-4.0.13-5201-1564465920-1304.494735-5-0@engineering.redhat.com> (raw)
In-Reply-To: <20190729164226.22632-1-navid.emamdoost@gmail.com>

Hi Navid,

Thank you for you report. I have forwarded this to our analysis team. Once I'll
get an update on your reported vulnerability and it's patched I'll let you
know.
Please let me know if you have any questions or concerns.

On Mon Jul 29 12:42:56 2019, navid.emamdoost@gmail.com wrote:
> nla_nest_start may fail and return NULL. The check is inserted, and
> errno is selected based on other call sites within the same source
> code.
> Update: removed extra new line.
>
> Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
> ---
> drivers/block/nbd.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/block/nbd.c b/drivers/block/nbd.c
> index 9bcde2325893..2410812d1e82 100644
> --- a/drivers/block/nbd.c
> +++ b/drivers/block/nbd.c
> @@ -2149,6 +2149,11 @@ static int nbd_genl_status(struct sk_buff *skb,
> struct genl_info *info)
> }
>
> dev_list = nla_nest_start_noflag(reply, NBD_ATTR_DEVICE_LIST);
> + if (!dev_list) {
> + ret = -EMSGSIZE;
> + goto out;
> + }
> +
> if (index == -1) {
> ret = idr_for_each(&nbd_index_idr, &status_cb, reply);
> if (ret) {


--
Best Regards,
Dhananjay Arunesh, Red Hat Product Security
7F45 FDD1 BB92 2DA8 CD05 F034 9B3D 8FE3 50EC 5D74


  reply	other threads:[~2019-07-30  5:52 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-07-23 23:01 [PATCH] nbd_genl_status: null check for nla_nest_start Navid Emamdoost
2019-07-29 13:09 ` Josef Bacik
2019-07-29 16:42   ` [PATCH v2] " Navid Emamdoost
2019-07-30  5:52     ` Red Hat Product Security [this message]
2019-07-30  6:05     ` Bob Liu
2019-09-10 11:35     ` Michal Kubecek
2019-09-11 16:40       ` [PATCH v3] " Navid Emamdoost
2019-10-21  6:42         ` Michal Kubecek
2021-04-14  3:05           ` Mark-PK Tsai
2019-10-17  2:17       ` [PATCH v2] " Navid Emamdoost
2019-10-17 19:37         ` [engineering.redhat.com #498403] " Red Hat Product Security

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=rt-4.0.13-5201-1564465920-1304.494735-5-0@engineering.redhat.com \
    --to=secalert@redhat.com \
    --cc=axboe@kernel.dk \
    --cc=emamd001@umn.edu \
    --cc=josef@toxicpanda.com \
    --cc=kjlu@umn.edu \
    --cc=linux-block@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=navid.emamdoost@gmail.com \
    --cc=nbd@other.debian.org \
    --cc=smccaman@umn.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).