From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-7.0 required=3.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B5A4EC43381 for ; Mon, 25 Feb 2019 15:36:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 8F6D420663 for ; Mon, 25 Feb 2019 15:36:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727729AbfBYPgb (ORCPT ); Mon, 25 Feb 2019 10:36:31 -0500 Received: from mx1.redhat.com ([209.132.183.28]:48760 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727505AbfBYPgb (ORCPT ); Mon, 25 Feb 2019 10:36:31 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id BF2218553D; Mon, 25 Feb 2019 15:36:30 +0000 (UTC) Received: from localhost.localdomain (unknown [10.32.181.77]) by smtp.corp.redhat.com (Postfix) with ESMTP id 92AB81001DE3; Mon, 25 Feb 2019 15:36:28 +0000 (UTC) Message-ID: <5826be6cc88f94dfe49da730d07f366375ad66a0.camel@redhat.com> Subject: Re: [PATCH net] net: sched: act_tunnel_key: fix NULL pointer dereference during init From: Davide Caratti To: Vlad Buslov , netdev@vger.kernel.org Cc: jhs@mojatatu.com, xiyou.wangcong@gmail.com, jiri@resnulli.us, davem@davemloft.net, wenxu@ucloud.cn, roid@mellanox.com In-Reply-To: <20190225152827.8741-1-vladbu@mellanox.com> References: <4bde1d403d4ba9b51cf18bbaac1d46147011b959.camel@redhat.com> <20190225152827.8741-1-vladbu@mellanox.com> Organization: red hat Content-Type: text/plain; charset="UTF-8" Date: Mon, 25 Feb 2019 16:36:26 +0100 Mime-Version: 1.0 User-Agent: Evolution 3.30.3 (3.30.3-1.fc29) Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Mon, 25 Feb 2019 15:36:31 +0000 (UTC) Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On Mon, 2019-02-25 at 17:28 +0200, Vlad Buslov wrote: > Metadata pointer is only initialized for action TCA_TUNNEL_KEY_ACT_SET, but > it is unconditionally dereferenced in tunnel_key_init() error handler. > Verify that metadata pointer is not NULL before dereferencing it in > tunnel_key_init error handling code. > > Fixes: ee28bb56ac5b ("net/sched: fix memory leak in act_tunnel_key_init()") > Signed-off-by: Vlad Buslov > --- > net/sched/act_tunnel_key.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/net/sched/act_tunnel_key.c b/net/sched/act_tunnel_key.c > index 8b43fe0130f7..3f943de9a2c9 100644 > --- a/net/sched/act_tunnel_key.c > +++ b/net/sched/act_tunnel_key.c > @@ -377,7 +377,8 @@ static int tunnel_key_init(struct net *net, struct nlattr *nla, > return ret; > > release_tun_meta: > - dst_release(&metadata->dst); > + if (metadata) > + dst_release(&metadata->dst); > > err_out: > if (exists) Reviewed-by: Davide Caratti