[SLOF] [PATCH 4/5] ipv6: Fix NULL pointer dereference in ip6addr_add()
Andrew Jones
drjones at redhat.com
Tue May 3 15:32:22 AEST 2016
On Mon, May 02, 2016 at 09:55:30PM +0200, Thomas Huth wrote:
> When ip6addr_add() is called for the first time, both the first_ip6
> and the last_ip6 pointer are not initialized yet, i.e. contain NULL.
> So writing to "last_ip6->next" is a bad idea here. Fix it so that
> this value is only written when the function is not called for the
> first time.
>
> Signed-off-by: Thomas Huth <thuth at redhat.com>
> ---
> clients/net-snk/app/netlib/ipv6.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
Reviewed-by: Andrew Jones <drjones at redhat.com>
>
> diff --git a/clients/net-snk/app/netlib/ipv6.c b/clients/net-snk/app/netlib/ipv6.c
> index 220fd36..6aa1ea3 100644
> --- a/clients/net-snk/app/netlib/ipv6.c
> +++ b/clients/net-snk/app/netlib/ipv6.c
> @@ -330,7 +330,8 @@ int8_t ip6addr_add(struct ip6addr_list_entry *new_address)
>
> if (first_ip6 == NULL)
> first_ip6 = new_address;
> - last_ip6->next = new_address;
> + else
> + last_ip6->next = new_address;
> last_ip6 = new_address;
> last_ip6->next = NULL;
>
> --
> 1.8.3.1
>
More information about the SLOF
mailing list