2020-11-09 12:54:19

by Colin King

Subject: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.

From: Colin Ian King <[email protected]>

Currently the assignment of pointer net from the sock_net(sk) call
is potentially dereferencing a null pointer sk. sk points to the
same location as pointer msk and msk is being null checked after
the sock_net call. Fix this by calling sock_net after the null
check on pointer msk.

Addresses-Coverity: ("Dereference before null check")
Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
Signed-off-by: Colin Ian King <[email protected]>
---
net/mptcp/pm_netlink.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index ed60538df7b2..e76879ea5a30 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -206,13 +206,15 @@ static void mptcp_pm_add_timer(struct timer_list *timer)
struct mptcp_pm_add_entry *entry = from_timer(entry, timer, add_timer);
struct mptcp_sock *msk = entry->sock;
struct sock *sk = (struct sock *)msk;
- struct net *net = sock_net(sk);
+ struct net *net;

pr_debug("msk=%p", msk);

if (!msk)
return;

+ net = sock_net(sk);
+
if (inet_sk_state_load(sk) == TCP_CLOSE)
return;

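Review bot: The changelog does not say whether entry->sock can actually be NULL when this timer fires, which decides whether the `if (!msk)` check in mptcp_pm_add_timer() is the thing to keep. If it cannot be NULL, dropping the check is the simpler way to silence the Coverity report; if it can, please state the path that leaves it NULL so the Fixes: tag is justified. Separately, the new `net = sock_net(sk);` sits ahead of the `inet_sk_state_load(sk) == TCP_CLOSE` early return, which does not use net, so the assignment could move below that return to avoid doing work that is then discarded.
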
--
2.28.0


2020-11-11 18:51:50

by Mat Martineau

Subject: Re: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.

On Mon, 9 Nov 2020, Colin King wrote:

> From: Colin Ian King <[email protected]>
>
> Currently the assignment of pointer net from the sock_net(sk) call
> is potentially dereferencing a null pointer sk. sk points to the
> same location as pointer msk and msk is being null checked after
> the sock_net call. Fix this by calling sock_net after the null
> check on pointer msk.
>
> Addresses-Coverity: ("Dereference before null check")
> Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
> Signed-off-by: Colin Ian King <[email protected]>
> ---
> net/mptcp/pm_netlink.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>

Hi Colin and Jakub -

I noticed that the follow-up discussion on this patch didn't go to the
netdev list, so patchwork did not get updated.

This patch is superseded by the following, which already has a Reviewed-by
tag from Matthieu:

http://patchwork.ozlabs.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangtang@gmail.com/


Thanks!

--
Mat Martineau
Intel

2020-11-11 19:27:51

by Colin King

Subject: Re: [PATCH][next] mptcp: fix a dereference of pointer before msk is null checked.

On 11/11/2020 18:49, Mat Martineau wrote:
> On Mon, 9 Nov 2020, Colin King wrote:
>
>> From: Colin Ian King <[email protected]>
>>
>> Currently the assignment of pointer net from the sock_net(sk) call
>> is potentially dereferencing a null pointer sk. sk points to the
>> same location as pointer msk and msk is being null checked after
>> the sock_net call.  Fix this by calling sock_net after the null
>> check on pointer msk.
>>
>> Addresses-Coverity: ("Dereference before null check")
>> Fixes: 00cfd77b9063 ("mptcp: retransmit ADD_ADDR when timeout")
>> Signed-off-by: Colin Ian King <[email protected]>
>> ---
>> net/mptcp/pm_netlink.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>
>
> Hi Colin and Jakub -
>
> I noticed that the follow-up discussion on this patch didn't go to the
> netdev list, so patchwork did not get updated.
>
> This patch is superseded by the following, which already has a
> Reviewed-by tag from Matthieu:
>
> http://patchwork.ozlabs.org/project/netdev/patch/078a2ef5bdc4e3b2c25ef852461692001f426495.1604976945.git.geliangtang@gmail.com/
>
>
OK, thanks for letting me know. Good to see it got fixed!

Colin
>
> Thanks!
>
> --
> Mat Martineau
> Intel