Subject: Re: [PATCH -next,v2 1/2] audit: fix possible null-pointer dereference in audit_filter_rules
To: Paul Moore
CC: Eric Paris
References: <20211013091208.36209-1-cuigaosheng1@huawei.com> <20211013091208.36209-2-cuigaosheng1@huawei.com>
From: cuigaosheng
Date: Sat, 16 Oct 2021 15:47:26 +0800
X-Mailing-List: linux-kernel@vger.kernel.org

Thanks for your review, and I have dropped the redundant commit message and added a Fixes tag to the patch.

https://patchwork.kernel.org/project/linux-audit/patch/20211016072351.237745-2-cuigaosheng1@huawei.com/

Gaosheng.

On 2021/10/14 5:12, Paul Moore wrote:
> On Wed, Oct 13, 2021 at 5:10 AM Gaosheng Cui wrote:
>> Fix this possible null-pointer dereference in audit_filter_rules.
> Thanks for fixing this, just a couple of small comments:
>
> I think you can drop the description text below here, the code snippet
> is just a duplicate of the code and the error message is pretty
> obvious.
>
>> If ctx is null, a null-pointer dereference will occur:
>> case AUDIT_SADDR_FAM:
>> if (ctx->sockaddr)
>> ...
>> break;
>>
>> audit_filter_rules() error: we previously assumed 'ctx' could be null
>>
>> Reported-by: kernel test robot
>> Reported-by: Dan Carpenter
>> Signed-off-by: Gaosheng Cui
> I would also add a Fixes tag, for example:
>
> Fixes: bf361231c295 ("audit: add saddr_fam filter field")
>
>> --- >> kernel/auditsc.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/kernel/auditsc.c b/kernel/auditsc.c >> index 4ba3b8573ff4..42d4a4320526 100644 >> --- a/kernel/auditsc.c >> +++ b/kernel/auditsc.c
>> @@ -647,7 +647,7 @@ static int audit_filter_rules(struct task_struct *tsk, >> result = audit_comparator(audit_loginuid_set(tsk), f->op, f->val); >> break; >> case AUDIT_SADDR_FAM: >> - if (ctx->sockaddr) >> + if (ctx && ctx->sockaddr) >> result = audit_comparator(ctx->sockaddr->ss_family, >> f->op, f->val); >> break; >> -- >> 2.30.0
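
Review bot: in the AUDIT_SADDR_FAM case, when ctx is NULL the guarded branch is now skipped and this case never assigns result, so whether the rule matches depends on a value set outside the visible hunk. Please confirm that result holds the intended "no match" value on entry to this case, and state in the commit message which callers can reach audit_filter_rules() with a NULL ctx, so the reachability of the original `ctx->sockaddr` dereference is on record alongside the Fixes tag.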