[lvc-project] [PATCH net] mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next()
Ido Schimmel
idosch at nvidia.com
Tue Apr 18 09:15:33 MSK 2023
On Mon, Apr 17, 2023 at 05:07:18AM -0700, Nikita Zhandarovich wrote:
> Function mlxfw_mfa2_tlv_multi_get() returns NULL if 'tlv' in
> question does not pass checks in mlxfw_mfa2_tlv_payload_get(). This
> behaviour may lead to NULL pointer dereference in 'multi->total_len'.
> Fix this issue by testing mlxfw_mfa2_tlv_multi_get()'s return value
> against NULL.
>
> Found by Linux Verification Center (linuxtesting.org) with static
> analysis tool SVACE.
>
> Fixes: 410ed13cae39 ("Add the mlxfw module for Mellanox firmware flash process")
> Co-developed-by: Natalia Petrova <n.petrova at fintech.ru>
> Signed-off-by: Nikita Zhandarovich <n.zhandarovich at fintech.ru>
Reviewed-by: Ido Schimmel <idosch at nvidia.com>
More information about the lvc-project
mailing list