Coverity: nfnl_hook_dump_start(): Memory - corruptions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello!

This is an experimental semi-automated report about issues detected by
Coverity from a scan of next-20210608 as part of the linux-next scan project:
https://scan.coverity.com/projects/linux-next-weekly-scan

You're getting this email because you were associated with the identified
lines of code (noted below) that were touched by commits:

  Mon Jun 7 12:41:10 2021 +0200
    e2cf17d3774c ("netfilter: add new hook nfnl subsystem")

Coverity reported the following:

*** CID 1505167:  Memory - corruptions  (OVERRUN)
/net/netfilter/nfnetlink_hook.c: 294 in nfnl_hook_dump_start()
288
289     		nla_strscpy(name, nla[NFNLA_HOOK_DEV], sizeof(name));
290     	}
291
292     	rcu_read_lock();
293     	/* Not dereferenced; for consistency check only */
vvv     CID 1505167:  Memory - corruptions  (OVERRUN)
vvv     Overrunning callee's array of size 5 by passing argument "hooknum" (which evaluates to 255) in call to "nfnl_hook_entries_head".
294     	head = nfnl_hook_entries_head(family, hooknum, net, name);
295     	rcu_read_unlock();
296
297     	if (head && IS_ERR(head))
298     		return PTR_ERR(head);
299

If this is a false positive, please let us know so we can mark it as
such, or teach the Coverity rules to be smarter. If not, please make
sure fixes get into linux-next. :) For patches fixing this, please
include these lines (but double-check the "Fixes" first):

Reported-by: coverity-bot <keescook+coverity-bot@xxxxxxxxxxxx>
Addresses-Coverity-ID: 1505167 ("Memory - corruptions")
Fixes: e2cf17d3774c ("netfilter: add new hook nfnl subsystem")

Thanks for your attention!

-- 
Coverity-bot



[Index of Archives]     [Linux Kernel]     [Linux USB Development]     [Yosemite News]     [Linux SCSI]

  Powered by Linux