Re: [Bridge] [PATCH 2/3] netfilter: potential null derefence.
|[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]|
Hi Bart, Its good to do the testing before rolling up the patch but code analysis shows there is a potential bug. For cs=NULL the following statement will cause crash. i = cs[sp].n The aim of this patch is to avoid possible null dereference. Regards Santosh On Sat, Mar 3, 2012 at 3:01 AM, Bart De Schuymer <bdschuym@xxxxxxxxxx> wrote: > Op 1/03/2012 13:30, Pablo Neira Ayuso schreef: > >> On Thu, Mar 01, 2012 at 02:47:14PM +0530, santosh nayak wrote: >>> >>> From: Santosh Nayak<santoshprasadnayak@xxxxxxxxx> >>> >>> I am getting following error. >>> " net/bridge/netfilter/ebtables.c:269 ebt_do_table() >>> error: potential null derefence 'cs'" >>> >>> i = cs[sp].n; // If cs == Null then this will cause problem. >> >> >> Very sorry, I didn't see the out label. >> >> I'll apply this to my nf  once David takes my previous request for >> pulling. >> > > Hi, > > Has this patch been tested? Really, that code in the core firewall function > is there for a reason, wouldn't you think? > The chainstack is only allocated when user-defined chains are used (see > translate_table). > Never blindly trust a tool. > > Bart -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html