Re: [Bridge] [PATCH 2/3] netfilter: potential null derefence.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Bart,
         Its good to do the testing before rolling up the patch
but code analysis shows there is a potential bug.

For cs=NULL the following statement will cause crash.
       i = cs[sp].n

The aim of this patch is to avoid possible null dereference.


Regards
Santosh

On Sat, Mar 3, 2012 at 3:01 AM, Bart De Schuymer <bdschuym@xxxxxxxxxx> wrote:
> Op 1/03/2012 13:30, Pablo Neira Ayuso schreef:
>
>> On Thu, Mar 01, 2012 at 02:47:14PM +0530, santosh nayak wrote:
>>>
>>> From: Santosh Nayak<santoshprasadnayak@xxxxxxxxx>
>>>
>>> I am getting following error.
>>> " net/bridge/netfilter/ebtables.c:269 ebt_do_table()
>>>   error: potential null derefence 'cs'"
>>>
>>>     i = cs[sp].n;  // If cs == Null then this will cause problem.
>>
>>
>> Very sorry, I didn't see the out label.
>>
>> I'll apply this to my nf [1] once David takes my previous request for
>> pulling.
>>
>
> Hi,
>
> Has this patch been tested? Really, that code in the core firewall function
> is there for a reason, wouldn't you think?
> The chainstack is only allocated when user-defined chains are used (see
> translate_table).
> Never blindly trust a tool.
>
> Bart
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux