[nft PATCH] netlink_delinearize: Sanitize concat data element decoding

The call to netlink_get_register() might return NULL, catch this before
dereferencing the pointer.

Fixes: db59a5c1204c9 ("netlink_delinearize: fix decoding of concat data element")
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 src/netlink_delinearize.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index f4ab476e03455..00221505f2899 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -1749,7 +1749,7 @@ static void netlink_parse_dynset(struct netlink_parse_ctx *ctx,
 		sreg_data = netlink_parse_register(nle, NFTNL_EXPR_DYNSET_SREG_DATA);
 		expr_data = netlink_get_register(ctx, loc, sreg_data);
 
-		if (expr_data->len < set->data->len) {
+		if (expr_data && expr_data->len < set->data->len) {
 			expr_free(expr_data);
 			expr_data = netlink_parse_concat_expr(ctx, loc, sreg_data, set->data->len);
 			if (expr_data == NULL)
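
Review bot: With the new condition `if (expr_data && expr_data->len < set->data->len)`, a NULL expr_data no longer crashes here, but it only skips the concat branch and execution carries on past the block with expr_data still NULL. The code after this hunk is not shown, so please confirm it tolerates a NULL expr_data. Otherwise, handle the NULL return from netlink_get_register() explicitly right after the call, with an error and early exit in the same way the `if (expr_data == NULL)` check follows netlink_parse_concat_expr(). The commit message would also benefit from stating which input makes netlink_get_register() return NULL for sreg_data, so the fix can be covered by a test.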
-- 
2.38.0



