[PATCH] vsprintf: Prevent NULL dereference using %pNF

[Joe Perches]

Passing NULL to %pNF is done in skb_gso_segment
which could be dereferenced.

Add noinline_for_stack to function.
Make pointer argument the actual type.
Check pointer for NULL and use 0 when so.

Signed-off-by: Joe Perches <joe@xxxxxxxxxxx>
---
 lib/vsprintf.c |   16 ++++++++++++----
 1 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/lib/vsprintf.c b/lib/vsprintf.c
index 8e75003..0f1dfd9 100644
--- a/lib/vsprintf.c
+++ b/lib/vsprintf.c
@@ -777,16 +777,24 @@ char *uuid_string(char *buf, char *end, const u8 *addr,
 	return string(buf, end, uuid, spec);
 }
 
-static
-char *netdev_feature_string(char *buf, char *end, const u8 *addr,
-		      struct printf_spec spec)
+static noinline_for_stack
+char *netdev_feature_string(char *buf, char *end,
+			    const netdev_features_t *features,
+			    struct printf_spec spec)
 {
+	unsigned long long num;
+
+	if (features)
+		num = (unsigned long long)*features;
+	else
+		num = 0;
+
 	spec.flags |= SPECIAL | SMALL | ZEROPAD;
 	if (spec.field_width == -1)
 		spec.field_width = 2 + 2 * sizeof(netdev_features_t);
 	spec.base = 16;
 
-	return number(buf, end, *(const netdev_features_t *)addr, spec);
+	return number(buf, end, num, spec);
 }
 
 int kptr_restrict __read_mostly;


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/