Re: [PATCH] netfilter: ebtables: fix a NULL pointer dereference in ebt_do_table()

From: Florian Westphal
Date: Sat Aug 20 2022 - 12:27:22 EST

Next message: Damien Le Moal: "Re: [ata] 0568e61225: stress-ng.copy-file.ops_per_sec -15.0% regression"
Previous message: kernel test robot: "drivers/video/fbdev/aty/mach64_cursor.c:156:23: sparse: sparse: incorrect type in argument 1 (different address spaces)"
In reply to: Harshit Mogalapalli: "[PATCH] netfilter: ebtables: fix a NULL pointer dereference in ebt_do_table()"
Next in thread: Harshit Mogalapalli: "Re: [External] : Re: [PATCH] netfilter: ebtables: fix a NULL pointer dereference in ebt_do_table()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Harshit Mogalapalli <harshit.m.mogalapalli@xxxxxxxxxx> wrote:
> In ebt_do_table() function dereferencing 'private->hook_entry[hook]'
> can lead to NULL pointer dereference. So add a check to prevent that.

This looks incorrect, i.e. paperimg over the problem.

If hook_entry[hook] is NULL, how did this make it to the eval loop?

I guess ebtables lacks a sanity check on incoming ruleset?

Next message: Damien Le Moal: "Re: [ata] 0568e61225: stress-ng.copy-file.ops_per_sec -15.0% regression"
Previous message: kernel test robot: "drivers/video/fbdev/aty/mach64_cursor.c:156:23: sparse: sparse: incorrect type in argument 1 (different address spaces)"
In reply to: Harshit Mogalapalli: "[PATCH] netfilter: ebtables: fix a NULL pointer dereference in ebt_do_table()"
Next in thread: Harshit Mogalapalli: "Re: [External] : Re: [PATCH] netfilter: ebtables: fix a NULL pointer dereference in ebt_do_table()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]