Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 21 Sep 2023 11:10:10 GMT
From:      Kristof Provost <kp@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: 100bed131d76 - stable/14 - ndp: cope with unresolved neighbours
Message-ID:  <202309211110.38LBAAbQ063299@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch stable/14 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=100bed131d76893e9fc03f7a81dca3b83b030359

commit 100bed131d76893e9fc03f7a81dca3b83b030359
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2023-09-18 17:01:17 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-09-21 11:09:57 +0000

    ndp: cope with unresolved neighbours
    
    If we've not (yet) resolved a neighbour nda_lladdr will be NULL, and
    NLA_DATA_LEN(neigh->nda_lladdr) will dereference a NULL pointer.
    
    Avoid that by checking nda_lladdr first, and only dereferencing if it's
    not NULL.
    
    Test case:
            ping6 -c 1 <non-existant neighbour>
            ndp -a
    
    Reviewed by:    melifaro
    MFC after:      3 days
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D41903
    
    (cherry picked from commit b57df6fbcc484f1941bf306cb60a3adaf538df69)
---
 usr.sbin/ndp/ndp_netlink.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/usr.sbin/ndp/ndp_netlink.c b/usr.sbin/ndp/ndp_netlink.c
index ace3e5e5fa11..954d16995b5a 100644
--- a/usr.sbin/ndp/ndp_netlink.c
+++ b/usr.sbin/ndp/ndp_netlink.c
@@ -230,9 +230,12 @@ print_entry(struct snl_parsed_neigh *neigh, struct snl_parsed_link_simple *link)
 		.sdl_family = AF_LINK,
 		.sdl_type = link->ifi_type,
 		.sdl_len = sizeof(struct sockaddr_dl),
-		.sdl_alen = NLA_DATA_LEN(neigh->nda_lladdr),
 	};
-	memcpy(sdl.sdl_data, NLA_DATA(neigh->nda_lladdr), sdl.sdl_alen);
+
+	if (neigh->nda_lladdr) {
+		sdl.sdl_alen = NLA_DATA_LEN(neigh->nda_lladdr),
+		memcpy(sdl.sdl_data, NLA_DATA(neigh->nda_lladdr), sdl.sdl_alen);
+	}
 
 	addrwidth = strlen(host_buf);
 	if (addrwidth < W_ADDR)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202309211110.38LBAAbQ063299>