From patchwork Thu Mar 12 21:46:23 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexander Duyck X-Patchwork-Id: 449656 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3800E14009B for ; Fri, 13 Mar 2015 08:46:42 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756189AbbCLVqa (ORCPT ); Thu, 12 Mar 2015 17:46:30 -0400 Received: from mx1.redhat.com ([209.132.183.28]:58427 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756108AbbCLVq1 (ORCPT ); Thu, 12 Mar 2015 17:46:27 -0400 Received: from int-mx14.intmail.prod.int.phx2.redhat.com (int-mx14.intmail.prod.int.phx2.redhat.com [10.5.11.27]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id t2CLkOGW018826 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL); Thu, 12 Mar 2015 17:46:24 -0400 Received: from [192.168.122.173] (ovpn-112-88.phx2.redhat.com [10.3.112.88]) by int-mx14.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id t2CLkNjG012640; Thu, 12 Mar 2015 17:46:23 -0400 Subject: [net-next PATCH 1/2] fib_trie: Avoid NULL pointer if local table is not allocated From: Alexander Duyck To: netdev@vger.kernel.org Cc: Madhu Challa , davem@davemloft.net Date: Thu, 12 Mar 2015 14:46:23 -0700 Message-ID: <20150312214623.1133.48565.stgit@ahduyck-vm-fedora20> In-Reply-To: <20150312214226.1133.9622.stgit@ahduyck-vm-fedora20> References: <20150312214226.1133.9622.stgit@ahduyck-vm-fedora20> User-Agent: StGit/0.17-dirty MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.68 on 10.5.11.27 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org The function fib_unmerge assumed the local table had already been allocated. If that is not the case however when custom rules are applied then this can result in a NULL pointer dereference. In order to prevent this we must check the value of the local table pointer and if it is NULL simply return 0 as there is no local table to separate from the main. Fixes: 0ddcf43d5 ("ipv4: FIB Local/MAIN table collapse") Reported-by: Madhu Challa Signed-off-by: Alexander Duyck --- net/ipv4/fib_frontend.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index c1caf9d..e5b6b05 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c @@ -156,9 +156,12 @@ int fib_unmerge(struct net *net) { struct fib_table *old, *new; + /* attempt to fetch local table if it has been allocated */ old = fib_get_table(net, RT_TABLE_LOCAL); - new = fib_trie_unmerge(old); + if (!old) + return 0; + new = fib_trie_unmerge(old); if (!new) return -ENOMEM;