This is a serious bug, so it should be posted to net, not net-next. Otherwise, Acked-by: Jon Maloy <jon.ma...@ericsson.cm>
///jon > -----Original Message----- > From: Richard Alpe [mailto:richard.a...@ericsson.com] > Sent: Monday, 16 May, 2016 05:15 > To: netdev@vger.kernel.org > Cc: splovi...@gmail.com; tipc-discuss...@lists.sourceforge.net; > eric.duma...@gmail.com > Subject: [tipc-discussion] [PATCH net-next] tipc: check nl sock before parsing > nested attributes > > Make sure the socket for which the user is listing publication exists > before parsing the socket netlink attributes. > > Prior to this patch a call without any socket caused a NULL pointer > dereference in tipc_nl_publ_dump(). > > Tested-and-reported-by: Baozeng Ding <splovi...@gmail.com> > Signed-off-by: Richard Alpe <richard.a...@ericsson.com> > --- > net/tipc/socket.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/net/tipc/socket.c b/net/tipc/socket.c > index 1262889..3b7a799 100644 > --- a/net/tipc/socket.c > +++ b/net/tipc/socket.c > @@ -2853,6 +2853,9 @@ int tipc_nl_publ_dump(struct sk_buff *skb, struct > netlink_callback *cb) > if (err) > return err; > > + if (!attrs[TIPC_NLA_SOCK]) > + return -EINVAL; > + > err = nla_parse_nested(sock, TIPC_NLA_SOCK_MAX, > attrs[TIPC_NLA_SOCK], > tipc_nl_sock_policy); > -- > 2.1.4 > > > ------------------------------------------------------------------------------ > Mobile security can be enabling, not merely restricting. Employees who > bring their own devices (BYOD) to work are irked by the imposition of MDM > restrictions. Mobile Device Manager Plus allows you to control only the > apps on BYO-devices by containerizing them, leaving personal data untouched! > https://ad.doubleclick.net/ddm/clk/304595813;131938128;j > _______________________________________________ > tipc-discussion mailing list > tipc-discuss...@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/tipc-discussion
