Re: [PATCH] batman-adv: fix potential NULL pointer dereferencing
From: Antonio Quartulli
Date: Mon Sep 22 2014 - 05:14:31 EST
On 22/09/14 11:11, Mario Pirker wrote:
> From b451e7317148e18bf6c5c8fd747d79ab34260354 Mon Sep 17 00:00:00 2001
> From: Mario Pirker <mario.pirker@xxxxxxxxxxxxxxxx>
> Date: Tue, 16 Sep 2014 17:55:13 +0200
> Subject: [PATCH] batman-adv: fix potential NULL pointer dereferencing
>
> The call batadv_gw_node_get may return NULL. The return value has to
> be sanity checked before the pointer is dereferenced.
>
> Signed-off-by: Mario Pirker <mariopirker@xxxxxxxxxxx>
> ---
We already have a patch queued to fix this issue
(http://permalink.gmane.org/gmane.org.freifunk.batman/12357).
Actually it is not about a missing check but it is more about a typo in
the check right below the one you added.
Cheers,
> net/batman-adv/gateway_client.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/net/batman-adv/gateway_client.c b/net/batman-adv/gateway_client.c
> index 90cff58..7ee0913 100644
> --- a/net/batman-adv/gateway_client.c
> +++ b/net/batman-adv/gateway_client.c
> @@ -810,6 +810,11 @@ bool batadv_gw_out_of_range(struct batadv_priv *bat_priv,
> goto out;
>
> gw_node = batadv_gw_node_get(bat_priv, orig_dst_node);
> +
> + /* gw_node can be NULL. We need to check before dereferencing */
> + if (gw_node == NULL)
> + goto out;
> +
> if (!gw_node->bandwidth_down == 0)
> goto out;
>
> --
> 1.8.1.4
>
--
Antonio Quartulli
Attachment:
signature.asc
Description: OpenPGP digital signature