[PATCH RFC net] ps3/gelic: Fix possible NULL pointer dereference
Geoff Levand
geoff at infradead.org
Thu Feb 22 18:23:08 AEDT 2024
Hi Simon,
On 2/22/24 01:56, Simon Horman wrote:
> Fix possible NULL pointer dereference in gelic_card_release_tx_chain()
>
> The cited commit introduced a netdev variable to
> gelic_card_release_tx_chain() which is set unconditionally on each
> iteration of a for loop.
>
> It is set to the value of tx_chain->tail->skb->dev. However, in some
> cases it is assumed that tx_chain->tail->skb may be NULL. And if that
> occurs, setting netdev will cause a NULl pointer dereference.
>
> Given the age of this code I do wonder if this can occur in practice.
> But to be on the safe side this patch assumes that it can and aims to
> avoid the dereference in the case where tx_chain->tail->skb may be NULL.
After 17+ years I never hit this, and never heard of anyone hitting it...
> Flagged by Smatch.
> Compile tested only.
Thanks for 'fixing' this.
Acked-by: Geoff Levand <geoff at infradead.org>
More information about the Linuxppc-dev
mailing list