Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/net/sctp
History
Alexey Simakov 441f0647f7 sctp: avoid NULL dereference when chunk data buffer is missing 
chunk->skb pointer is dereferenced in the if-block where it's supposed
to be NULL only.

chunk->skb can only be NULL if chunk->head_skb is not. Check for frag_list
instead and do it just before replacing chunk->skb. We're sure that
otherwise chunk->skb is non-NULL because of outer if() condition.

Fixes: 90017accff ("sctp: Add GSO support")
Signed-off-by: Alexey Simakov <bigalex934@gmail.com>
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Link: https://patch.msgid.link/20251021130034.6333-1-bigalex934@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
 		2025-10-22 19:19:31 -07:00
..
Kconfig sctp: Convert cookie authentication to use HMAC-SHA256 2025-08-19 19:36:26 -07:00
Makefile sctp: add fair capacity stream scheduler 2023-03-09 11:31:44 +01:00
associola.c sctp: Remove unused sctp_assoc_del_peer and sctp_chunk_iif 2025-05-05 16:51:12 -07:00
auth.c sctp: Use HMAC-SHA1 and HMAC-SHA256 library for chunk authentication 2025-08-19 19:36:25 -07:00
bind_addr.c sctp: fail if no bound addresses can be used for a given scope 2023-01-24 18:32:33 -08:00
chunk.c sctp: Use HMAC-SHA1 and HMAC-SHA256 library for chunk authentication 2025-08-19 19:36:25 -07:00
debug.c
diag.c net: add sk_drops_read(), sk_drops_inc() and sk_drops_reset() helpers 2025-08-28 13:14:50 +02:00
endpointola.c sctp: Convert cookie authentication to use HMAC-SHA256 2025-08-19 19:36:26 -07:00
input.c sctp: linearize cloned gso packets in sctp_rcv 2025-08-08 13:08:06 -07:00
inqueue.c sctp: avoid NULL dereference when chunk data buffer is missing 2025-10-22 19:19:31 -07:00
ipv6.c sctp: initialize more fields in sctp_v6_from_sk() 2025-08-27 17:15:21 -07:00
objcnt.c
offload.c sctp: use skb_crc32c() instead of __skb_checksum() 2025-05-21 15:40:16 -07:00
output.c treewide: Switch/rename to timer_delete[_sync]() 2025-04-05 10:30:12 +02:00
outqueue.c treewide: Switch/rename to timer_delete[_sync]() 2025-04-05 10:30:12 +02:00
primitive.c
proc.c sctp: snmp: do not use SNMP_MIB_SENTINEL anymore 2025-09-08 18:06:21 -07:00
protocol.c ipv4: Convert ->flowi4_tos to dscp_t. 2025-08-26 17:34:31 -07:00
sm_make_chunk.c sctp: Convert cookie authentication to use HMAC-SHA256 2025-08-19 19:36:26 -07:00
sm_sideeffect.c treewide, timers: Rename from_timer() to timer_container_of() 2025-06-08 09:07:37 +02:00
sm_statefuns.c net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() 2025-10-06 11:07:20 -07:00
sm_statetable.c
socket.c sctp: Convert cookie authentication to use HMAC-SHA256 2025-08-19 19:36:26 -07:00
stream.c treewide: Switch/rename to timer_delete[_sync]() 2025-04-05 10:30:12 +02:00
stream_interleave.c sctp: delete the nested flexible array skip 2023-04-21 08:19:29 +01:00
stream_sched.c sctp: fix a potential OOB access in sctp_sched_set_sched() 2023-05-10 12:10:15 +01:00
stream_sched_fc.c sctp: add weighted fair queueing stream scheduler 2023-03-09 11:31:44 +01:00
stream_sched_prio.c sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop 2023-02-23 12:59:40 -08:00
stream_sched_rr.c sctp: delete free member from struct sctp_sched_ops 2022-12-01 20:14:23 -08:00
sysctl.c sctp: Stop accepting md5 and sha1 for net.sctp.cookie_hmac_alg 2025-08-19 19:36:26 -07:00
transport.c net: dst: annotate data-races around dst->obsolete 2025-07-02 14:32:29 -07:00
tsnmap.c
ulpevent.c net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
ulpqueue.c sctp: remove unnecessary NULL check in sctp_ulpq_tail_event() 2022-10-20 21:43:10 -07:00