El 18 de enero de 2020 11:27:25 CET, Florian Westphal <fw@xxxxxxxxx> escribió:
>syzbot reports just another NULL deref crash because of missing test
>for presence of the attribute.
>
>Reported-by: syzbot+cf23983d697c26c34f60@xxxxxxxxxxxxxxxxxxxxxxxxx
>Fixes: b96af92d6eaf9fadd ("netfilter: nf_tables: implement Passive OS
>fingerprint module in nft_osf")
>Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
>---
> net/netfilter/nft_osf.c | 3 +++
> 1 file changed, 3 insertions(+)
>
>diff --git a/net/netfilter/nft_osf.c b/net/netfilter/nft_osf.c
>index f54d6ae15bb1..b42247aa48a9 100644
>--- a/net/netfilter/nft_osf.c
>+++ b/net/netfilter/nft_osf.c
>@@ -61,6 +61,9 @@ static int nft_osf_init(const struct nft_ctx *ctx,
> int err;
> u8 ttl;
>
>+ if (!tb[NFTA_OSF_DREG])
>+ return -EINVAL;
>+
> if (tb[NFTA_OSF_TTL]) {
> ttl = nla_get_u8(tb[NFTA_OSF_TTL]);
> if (ttl > 2)
Oops. Sorry about that. Thanks Florian!
