net: sched: act_tunnel_key: fix NULL pointer dereference during init [Linux 5.0]

This Linux kernel change "net: sched: act_tunnel_key: fix NULL pointer dereference during init" is included in the Linux 5.0 release. This change is authored by Vlad Buslov <vladbu [at] mellanox.com> on Mon Feb 25 17:28:27 2019 +0200. The commit for this change in Linux stable tree is a3df633 (patch).

net: sched: act_tunnel_key: fix NULL pointer dereference during init

Metadata pointer is only initialized for action TCA_TUNNEL_KEY_ACT_SET, but
it is unconditionally dereferenced in tunnel_key_init() error handler.
Verify that metadata pointer is not NULL before dereferencing it in
tunnel_key_init error handling code.

Fixes: ee28bb56ac5b ("net/sched: fix memory leak in act_tunnel_key_init()")
Signed-off-by: Vlad Buslov <[email protected]>
Reviewed-by: Davide Caratti <[email protected]>
Signed-off-by: David S. Miller <[email protected]>

There are 3 lines of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.

 net/sched/act_tunnel_key.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/sched/act_tunnel_key.c b/net/sched/act_tunnel_key.c
index 8b43fe0..3f943de 100644
--- a/net/sched/act_tunnel_key.c
+++ b/net/sched/act_tunnel_key.c
@@ -377,7 +377,8 @@ static int tunnel_key_init(struct net *net, struct nlattr *nla,
    return ret;

 release_tun_meta:
-   dst_release(&metadata->dst);
+   if (metadata)
+       dst_release(&metadata->dst);

 err_out:
    if (exists)

Leave a Reply

Your email address will not be published. Required fields are marked *