This is a serious bug, so it should be posted to net, not net-next. Otherwise, Acked-by: Jon Maloy <[email protected]>
///jon > -----Original Message----- > From: Richard Alpe [mailto:[email protected]] > Sent: Monday, 16 May, 2016 05:15 > To: [email protected] > Cc: [email protected]; [email protected]; > [email protected] > Subject: [tipc-discussion] [PATCH net-next] tipc: check nl sock before parsing > nested attributes > > Make sure the socket for which the user is listing publication exists > before parsing the socket netlink attributes. > > Prior to this patch a call without any socket caused a NULL pointer > dereference in tipc_nl_publ_dump(). > > Tested-and-reported-by: Baozeng Ding <[email protected]> > Signed-off-by: Richard Alpe <[email protected]> > --- > net/tipc/socket.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/net/tipc/socket.c b/net/tipc/socket.c > index 1262889..3b7a799 100644 > --- a/net/tipc/socket.c > +++ b/net/tipc/socket.c > @@ -2853,6 +2853,9 @@ int tipc_nl_publ_dump(struct sk_buff *skb, struct > netlink_callback *cb) > if (err) > return err; > > + if (!attrs[TIPC_NLA_SOCK]) > + return -EINVAL; > + > err = nla_parse_nested(sock, TIPC_NLA_SOCK_MAX, > attrs[TIPC_NLA_SOCK], > tipc_nl_sock_policy); > -- > 2.1.4 > > > ------------------------------------------------------------------------------ > Mobile security can be enabling, not merely restricting. Employees who > bring their own devices (BYOD) to work are irked by the imposition of MDM > restrictions. Mobile Device Manager Plus allows you to control only the > apps on BYO-devices by containerizing them, leaving personal data untouched! > https://ad.doubleclick.net/ddm/clk/304595813;131938128;j > _______________________________________________ > tipc-discussion mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/tipc-discussion
