Re: [2.6 patch] net/llc/llc_conn.c: fix possible NULL dereference

From: Randy Dunlap
Date: Sat May 19 2007 - 01:24:59 EST


On Sat, 19 May 2007 13:13:07 +0800 Eugene Teo wrote:

> skb_peek() might return an empty list. skb should be checked before calling
> llc_pdu_sn_hdr() with it.
>
> Spotted by the Coverity checker.
>
> Signed-off-by: Eugene Teo <eteo@xxxxxxxxxx>

Hi Eugene,

Networking patches need to be sent to the netdev@xxxxxxxxxxxxxxx
mailing list (and lkml can be omitted IMHO).

But... instead of doing the assignment and test in one swoop,
we prefer:

> if (!q_len)
> goto out;
> skb = skb_peek(&llc->pdu_unack_q);
> + if (!skb)
> + goto out;
> pdu = llc_pdu_sn_hdr(skb);

Oh, and your patch has spaces instead of tabs. It's a hassle to
get thunderbird to send a patch that preserves tabs. See if this:
http://mbligh.org/linuxdocs/Email/Clients/Thunderbird
helps you any.


> diff --git a/net/llc/llc_conn.c b/net/llc/llc_conn.c
> index 3b8cfbe..28a3994 100644
> --- a/net/llc/llc_conn.c
> +++ b/net/llc/llc_conn.c
> @@ -323,7 +323,8 @@ int llc_conn_remove_acked_pdus(struct sock *sk, u8 nr, u16
> *how_many_unacked)
>
> if (!q_len)
> goto out;
> - skb = skb_peek(&llc->pdu_unack_q);
> + if (! (skb = skb_peek(&llc->pdu_unack_q)))
> + goto out;
> pdu = llc_pdu_sn_hdr(skb);
>
> /* finding position of last acked pdu in queue */
>
> -

---
~Randy
*** Remember to use Documentation/SubmitChecklist when testing your code ***
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/