LinuxLists.cc - [PATCH] net: sun: sungem: rix a possible null dereference

2017-03-14 21:23:42

Subject: [PATCH] net: sun: sungem: rix a possible null dereference

The function gem_begin_auto_negotiation dereference
the pointer ep before testing if it's null. This
patch add a check on ep before dereferencing it.

This issue was added by the patch 92552fdd557:
"net: sun: sungem: use new api ethtool_{get|set}_link_ksettings".

Reported-by: Dan Carpenter <[email protected]>
Signed-off-by: Philippe Reynes <[email protected]>
---
drivers/net/ethernet/sun/sungem.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/net/ethernet/sun/sungem.c b/drivers/net/ethernet/sun/sungem.c
index dbfca04..fa607d0 100644
--- a/drivers/net/ethernet/sun/sungem.c
+++ b/drivers/net/ethernet/sun/sungem.c
@@ -1259,8 +1259,9 @@ static void gem_begin_auto_negotiation(struct gem *gp,
int duplex;
u32 advertising;

- ethtool_convert_link_mode_to_legacy_u32(&advertising,
- ep->link_modes.advertising);
+ if (ep)
+ ethtool_convert_link_mode_to_legacy_u32(
+ &advertising, ep->link_modes.advertising);

if (gp->phy_type != phy_mii_mdio0 &&
gp->phy_type != phy_mii_mdio1)
--
1.7.4.4

2017-03-15 10:05:30

by Sergei Shtylyov

[permalink] [raw]

Subject: Re: [PATCH] net: sun: sungem: rix a possible null dereference

Hello!

On 3/15/2017 12:23 AM, Philippe Reynes wrote:

> The function gem_begin_auto_negotiation dereference
> the pointer ep before testing if it's null. This
> patch add a check on ep before dereferencing it.
>
> This issue was added by the patch 92552fdd557:
> "net: sun: sungem: use new api ethtool_{get|set}_link_ksettings".

There's Fixes: tag for that now, described in
Documentation/process/submitting-patches.rst...

> Reported-by: Dan Carpenter <[email protected]>
> Signed-off-by: Philippe Reynes <[email protected]>
[...]

MBR, Sergei

2017-03-15 21:45:07

by Philippe Reynes

[permalink] [raw]

Subject: Re: [PATCH] net: sun: sungem: rix a possible null dereference

Hi Sergei,

On 3/15/17, Sergei Shtylyov <[email protected]> wrote:
> Hello!
>
> On 3/15/2017 12:23 AM, Philippe Reynes wrote:
>
>> The function gem_begin_auto_negotiation dereference
>> the pointer ep before testing if it's null. This
>> patch add a check on ep before dereferencing it.
>>
>> This issue was added by the patch 92552fdd557:
>> "net: sun: sungem: use new api ethtool_{get|set}_link_ksettings".
>
> There's Fixes: tag for that now, described in
> Documentation/process/submitting-patches.rst...

Thanks a lot for pointing me this tag.
I'm sending a v2 of this patch with this tag.

>> Reported-by: Dan Carpenter <[email protected]>
>> Signed-off-by: Philippe Reynes <[email protected]>
> [...]
>
> MBR, Sergei
>

Thanks,
Philippe