Re: [PATCH] [net/sched] Fix null pointer deref skb in tc_ctl_action

From: Eric Dumazet
Date: Wed Jun 17 2020 - 23:44:04 EST




On 6/17/20 6:43 PM, Gaurav Singh wrote:
> Add null check for skb
>

Bad choice really.

You have to really understand code intent before trying to fix it.

> Signed-off-by: Gaurav Singh <gaurav1086@xxxxxxxxx>
> ---
> net/sched/act_api.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/net/sched/act_api.c b/net/sched/act_api.c
> index 8ac7eb0a8309..fd584821d75a 100644
> --- a/net/sched/act_api.c
> +++ b/net/sched/act_api.c
> @@ -1473,9 +1473,12 @@ static const struct nla_policy tcaa_policy[TCA_ROOT_MAX + 1] = {
> static int tc_ctl_action(struct sk_buff *skb, struct nlmsghdr *n,
> struct netlink_ext_ack *extack)
> {
> + if (!skb)
> + return 0;


We do not allow this

warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement]

> +
> struct net *net = sock_net(skb->sk);
> struct nlattr *tca[TCA_ROOT_MAX + 1];
> - u32 portid = skb ? NETLINK_CB(skb).portid : 0;
> + u32 portid = NETLINK_CB(skb).portid;
> int ret = 0, ovr = 0;
>
> if ((n->nlmsg_type != RTM_GETACTION) &&
>
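
Review bot: the early `if (!skb) return 0;` at the top of tc_ctl_action reports success for a request that was never processed, and it sits ahead of the declarations. The `skb ? ... : 0` test on the removed line came after `sock_net(skb->sk)` had already dereferenced skb, so it never protected anything, and the commit message names no path on which skb is NULL here. If there is no such path, keep only the `u32 portid = NETLINK_CB(skb).portid;` change and drop the new check. If there is one, describe it in the commit message, return an error code rather than 0, and place the check after the declarations with `net` assigned below it.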

Please compile your patches, do not expect us to do this.