Received: by 2002:ab2:620c:0:b0:1ef:ffd0:ce49 with SMTP id o12csp1492557lqt; Wed, 20 Mar 2024 05:57:55 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCXd+fsVUzb82zo7uN9bTOjCPdsZRs6s3CF3rV5ptB9WGOqXjqUS9aYnHep3b/alAeeo1qNirHqfJmNVR1FIWYGSYSTj0yBGJzMRA6HanA== X-Google-Smtp-Source: AGHT+IHEErLUS3s9IhuzJIqIN76injXe3wNmTVaAlTQ9kS5blGmRqtXA0229PckD6UJA6oALdfh9 X-Received: by 2002:a25:2e0b:0:b0:dca:e4fd:b6d6 with SMTP id u11-20020a252e0b000000b00dcae4fdb6d6mr11206914ybu.61.1710939475507; Wed, 20 Mar 2024 05:57:55 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1710939475; cv=pass; d=google.com; s=arc-20160816; b=01tkc0FA4MM3G6+5OUtNr5ArMv2SNAAc/Ba2LyUPNMKMZvX3Xo11ZbB/z4L15qbQFV 51JOypn+UuOScyua8xzA0WN9TWRKnL7SpYTQLNHqNyU2rD0+m+/HdJ9zCVSYStP8zpft X9FlApPhiaImBaW5S5m1WqT88RUZx4ijFgAMtxm4/ZMCAmzY8RrLEEG4V1nkOyt2QmXE Oyc3Ae3BQviPDB2dmexfaWO/eqjN3+nxL4RlgT7huO/onV0ezaXTm6LM6JQh/H3T+hyx KvIqTVG+NLqyEOMEmytQ3frb+x9LrCwkkKEKPQsOJM/nqnZhK7vGT2YJ1HVyFwR8gVr/ jYfQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:date:subject:cc:to :from; bh=GXNQ4tH5CryMIqFdJ0IZYrgz7DIJRmvXoX3Z7uGqSig=; fh=ebwGlHuemVI7iZpImYeWNgDgZADQ32vik5aLwqV0zIU=; b=Znm7YlYNA7hK/oAjiMKeLlXzPDSVZV0eZ3DfE+i0rd+nW5Ht8VltUvy+zTYpxp4WCZ aZQ3fi8xoLNp90AX7Ih2m8JtvknCXa7ABY3RT4su6SLoOU2uEb7DMPLy86S4gNGFoHPE 7XaF8REFCwepeNb9GS57/dmK4Iq4gWCoxpmkt6K0GYkha9wocHl90TZmo0XbrobmVrKl t6bBFcIILvQYKnnNbvK9YGwghA3RHGvVmaIgFL+jn2FIsH28K4/2Xkot77geGw6WROlD UsWvMyhtXFFMTA3NhjTnsziTjejeR54ThUa6+JGFiPbCNHJRUYXuLDPPlG177dv7Lfhk xfAw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; arc=pass (i=1 spf=pass spfdomain=astralinux.ru); spf=pass (google.com: domain of linux-kernel+bounces-108921-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-108921-linux.lists.archive=gmail.com@vger.kernel.org" Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id n15-20020a05622a040f00b00430cadbfb8asi7254371qtx.490.2024.03.20.05.57.55 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Mar 2024 05:57:55 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-108921-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; arc=pass (i=1 spf=pass spfdomain=astralinux.ru); spf=pass (google.com: domain of linux-kernel+bounces-108921-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-108921-linux.lists.archive=gmail.com@vger.kernel.org" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 3DCE51C2256A for ; Wed, 20 Mar 2024 12:57:55 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1805A40863; Wed, 20 Mar 2024 12:57:47 +0000 (UTC) Received: from new-mail.astralinux.ru (new-mail.astralinux.ru [51.250.53.244]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5F05B3FE4F; Wed, 20 Mar 2024 12:57:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=51.250.53.244 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710939466; cv=none; b=Z5Adb2nCmoAFzaHM5837C2oeSPLnBKI6qErbWc0g+BnvJ2QHdeEeqNjCLT+SxFvStjtWj5RxldnX7uUflEXGX0WLo98sPCBoyQ5A5jzJuHWz/6XKx2nmqD4AQ0i607PK9HsPLIBt275zoKVci6nVVAb+aFgT17rExK1OSbbTJC0= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1710939466; c=relaxed/simple; bh=WNjA4RJDnjon5+pbZkJWvOEhagdQ0OkaB0NbNTEO9DU=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version; b=fEqU/+FBzDluLHgFfwS1AnY8wTpLNBMwHbxlfR6siSSwLJGHG9ZS6vsVDGK8US4ReyGFv5EYfOQ+Y56wpjm7TXA+lasJcxw+AThsodyuKE6d0PcNU3vYLqQDrOva0lD9rPAxS7klJawzwGjAA33Q8qe/GbD1qN+F8o6XGG3Vemw= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=astralinux.ru; spf=pass smtp.mailfrom=astralinux.ru; arc=none smtp.client-ip=51.250.53.244 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=astralinux.ru Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=astralinux.ru Received: from rbta-msk-lt-106062.astralinux.ru (unknown [176.59.54.140]) by new-mail.astralinux.ru (Postfix) with ESMTPA id 4V07sh1r9KzlVq9; Wed, 20 Mar 2024 15:57:28 +0300 (MSK) From: Anastasia Belova To: "David S. Miller" Cc: Anastasia Belova , Eric Dumazet , Jakub Kicinski , Jiri Pirko , netdev@vger.kernel.org, linux-kernel@vger.kernel.org, lvc-project@linuxtesting.org Subject: [PATCH] flow_dissector: prevent NULL pointer dereference in __skb_flow_dissect Date: Wed, 20 Mar 2024 15:56:35 +0300 Message-Id: <20240320125635.1444-1-abelova@astralinux.ru> X-Mailer: git-send-email 2.30.2 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-DrWeb-SpamScore: -100 X-DrWeb-SpamState: legit X-DrWeb-SpamDetail: gggruggvucftvghtrhhoucdtuddrgedvfedrvdehuddgtddvucetufdoteggodetrfcurfhrohhfihhlvgemucfftfghgfeunecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmdenucfjughrpefhvfevufffkffoggfgsedtkeertdertddtnecuhfhrohhmpeetnhgrshhtrghsihgruceuvghlohhvrgcuoegrsggvlhhovhgrsegrshhtrhgrlhhinhhugidrrhhuqeenucggtffrrghtthgvrhhnpeffvddvueehvedvgfeivdeuvdduteeulefgfeehieffgfehtedutdfgveefvdeiheenucffohhmrghinheplhhinhhugihtvghsthhinhhgrdhorhhgnecukfhppedujeeirdehledrheegrddugedtnecurfgrrhgrmhephhgvlhhopehrsghtrgdqmhhskhdqlhhtqddutdeitdeivddrrghsthhrrghlihhnuhigrdhruhdpihhnvghtpedujeeirdehledrheegrddugedtmeefheekheehpdhmrghilhhfrhhomheprggsvghlohhvrgesrghsthhrrghlihhnuhigrdhruhdpnhgspghrtghpthhtohepkedprhgtphhtthhopegurghvvghmsegurghvvghmlhhofhhtrdhnvghtpdhrtghpthhtoheprggsvghlohhvrgesrghsthhrrghlihhnuhigrdhruhdprhgtphhtthhopegvughumhgriigvthesghhoohhglhgvrdgtohhmpdhrtghpthhtohepkhhusggrsehkvghrnhgvlhdrohhrghdprhgtphhtthhopehjihhrihesrhgvshhnuhhllhhirdhushdprhgtphhtth hopehnvghtuggvvhesvhhgvghrrdhkvghrnhgvlhdrohhrghdprhgtphhtthhopehlihhnuhigqdhkvghrnhgvlhesvhhgvghrrdhkvghrnhgvlhdrohhrghdprhgtphhtthhopehlvhgtqdhprhhojhgvtghtsehlihhnuhigthgvshhtihhnghdrohhrgh X-DrWeb-SpamVersion: Vade Retro 01.423.251#02 AS+AV+AP Profile: DRWEB; Bailout: 300 X-AntiVirus: Checked by Dr.Web [MailD: 11.1.19.2307031128, SE: 11.1.12.2210241838, Core engine: 7.00.62.01180, Virus records: 12524175, Updated: 2024-Mar-20 11:10:12 UTC] skb is an optional parameter, so it may be NULL. Add check defore dereference in eth_hdr. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 67a900cc0436 ("flow_dissector: introduce support for Ethernet addresses") Signed-off-by: Anastasia Belova --- net/core/flow_dissector.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/core/flow_dissector.c b/net/core/flow_dissector.c index 272f09251343..05db3a8aa771 100644 --- a/net/core/flow_dissector.c +++ b/net/core/flow_dissector.c @@ -1137,7 +1137,7 @@ bool __skb_flow_dissect(const struct net *net, rcu_read_unlock(); } - if (dissector_uses_key(flow_dissector, + if (skb && dissector_uses_key(flow_dissector, FLOW_DISSECTOR_KEY_ETH_ADDRS)) { struct ethhdr *eth = eth_hdr(skb); struct flow_dissector_key_eth_addrs *key_eth_addrs; -- 2.30.2