Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 21 Sep 2023 12:00:29 GMT
From:      Kristof Provost <kp@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: a9326cd7656b - releng/14.0 - ndp: cope with unresolved neighbours
Message-ID:  <202309211200.38LC0T2h050924@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch releng/14.0 has been updated by kp:

URL: https://cgit.FreeBSD.org/src/commit/?id=a9326cd7656bdb84b3bbdcf12ed0e66aee19b450

commit a9326cd7656bdb84b3bbdcf12ed0e66aee19b450
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2023-09-18 17:01:17 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2023-09-21 12:00:00 +0000

    ndp: cope with unresolved neighbours
    
    If we've not (yet) resolved a neighbour nda_lladdr will be NULL, and
    NLA_DATA_LEN(neigh->nda_lladdr) will dereference a NULL pointer.
    
    Avoid that by checking nda_lladdr first, and only dereferencing if it's
    not NULL.
    
    Test case:
            ping6 -c 1 <non-existant neighbour>
            ndp -a
    
    Approved by:    re (kib)
    Reviewed by:    melifaro
    MFC after:      3 days
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
    Differential Revision:  https://reviews.freebsd.org/D41903
    
    (cherry picked from commit b57df6fbcc484f1941bf306cb60a3adaf538df69)
    (cherry picked from commit 100bed131d76893e9fc03f7a81dca3b83b030359)
---
 usr.sbin/ndp/ndp_netlink.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/usr.sbin/ndp/ndp_netlink.c b/usr.sbin/ndp/ndp_netlink.c
index ace3e5e5fa11..954d16995b5a 100644
--- a/usr.sbin/ndp/ndp_netlink.c
+++ b/usr.sbin/ndp/ndp_netlink.c
@@ -230,9 +230,12 @@ print_entry(struct snl_parsed_neigh *neigh, struct snl_parsed_link_simple *link)
 		.sdl_family = AF_LINK,
 		.sdl_type = link->ifi_type,
 		.sdl_len = sizeof(struct sockaddr_dl),
-		.sdl_alen = NLA_DATA_LEN(neigh->nda_lladdr),
 	};
-	memcpy(sdl.sdl_data, NLA_DATA(neigh->nda_lladdr), sdl.sdl_alen);
+
+	if (neigh->nda_lladdr) {
+		sdl.sdl_alen = NLA_DATA_LEN(neigh->nda_lladdr),
+		memcpy(sdl.sdl_data, NLA_DATA(neigh->nda_lladdr), sdl.sdl_alen);
+	}
 
 	addrwidth = strlen(host_buf);
 	if (addrwidth < W_ADDR)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202309211200.38LC0T2h050924>