[PATCH RFC net] ps3/gelic: Fix possible NULL pointer dereference
Geoff Levand
geoff at infradead.org
Thu Feb 22 17:46:34 AEDT 2024
On 2/22/24 03:32, Dan Carpenter wrote:
> This driver is PPC so I have never looked at the code before. I noticed
> another issue that was introduced last December in commit 3ce4f9c3fbb3
> ("net/ps3_gelic_net: Add gelic_descr structures").
>
> net/ethernet/toshiba/ps3_gelic_net.c
...
> 375 static int gelic_descr_prepare_rx(struct gelic_card *card,
> 376 struct gelic_descr *descr)
> 398 descr->skb = NULL;
> ^^^^^^^^^^^^^^^^^^
> NULL
>
> 399
> 400 offset = ((unsigned long)descr->skb->data) &
> ^^^^^^^^^^^^
> Dereferenced here.
There is a fix, see '[PATCH v6 net] ps3/gelic: Fix SKB allocation':
https://lore.kernel.org/netdev/20240221172824.GD722610@kernel.org/T/
-Geoff
More information about the Linuxppc-dev
mailing list