[v2] netlink: fix null pointer dereference on nlk->groups

Message ID 1452355001-30295-1-git-send-email-sploving1@gmail.com
State Changes Requested, archived
Delegated to: David Miller

Commit Message

Baozeng Ding Jan. 9, 2016, 3:56 p.m. UTC

If groups is not 0 and nlk->groups is NULL, it will not return
immediately and cause a null pointer dereference later.

Signed-off-by: Baozeng Ding <sploving1@gmail.com>
---
This version uses the preferred networking coding style. Thanks
for Sergei's feedback. Also the patch keeps the original author's
coding style as much as possible.
---
 net/netlink/af_netlink.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

David Miller Jan. 11, 2016, 4:27 a.m. UTC | #1
From: Baozeng Ding <sploving1@gmail.com>
Date: Sat,  9 Jan 2016 23:56:41 +0800

> If groups is not 0 and nlk->groups is NULL, it will not return
> immediately and cause a null pointer dereference later.
> 
> Signed-off-by: Baozeng Ding <sploving1@gmail.com>
> ---
> This version uses the preferred networking coding style. Thanks
> for Sergei's feedback. Also the patch keeps the original author's
> coding style as much as possible.

Is this an actual legal state?  If not, add a WARN_ON() check.

Otherwise, provide a proper OOPS log and explain how the state
can be achieved.

Thanks.

Patch

diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 59651af..eeff14a 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1576,7 +1576,10 @@  static int netlink_bind(struct socket *sock, struct sockaddr *addr,
 		}
 	}
 
-	if (!groups && (nlk->groups == NULL || !(u32)nlk->groups[0]))
+	if (!nlk->groups)
+		return 0;
+
+	if (!groups && !(u32)nlk->groups[0])
 		return 0;
 
 	netlink_table_grab();
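Review bot: the new early `if (!nlk->groups) return 0;` at the top of this hunk turns a requested multicast subscription into a silent success: when `groups` is non-zero and `nlk->groups` is NULL, `netlink_bind()` now returns 0 before reaching `netlink_table_grab()` and the subscription update, so the caller is told it is bound to the requested groups while nothing was recorded. If that state is not a legal one (the reply above asks exactly this), the fix should make the violated invariant visible rather than hide it, e.g. `if (WARN_ON_ONCE(!nlk->groups)) return -EINVAL;` in place of the bare `return 0`, and the commit message should say why the state should be impossible. If the state is reachable, the commit message needs the oops log and the path that produces it, and the early exit should propagate an error to the caller instead of 0. The second check, `if (!groups && !(u32)nlk->groups[0])`, is fine as written once the NULL case is handled explicitly above it.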