[PATCH v2] net: microchip: sparx5: Fix potential NULL pointer dereference

Wed Feb 12 08:21:13 PST 2025

From: Wentao Liang <vulab at iscas.ac.cn>
Date: Wed, 12 Feb 2025 22:18:28 +0800

> Check the return value of vcap_keyfields() in
> vcap_debugfs_show_rule_keyset(). If vcap_keyfields()
> returns NULL, skip the keyfield to prevent a NULL pointer
> dereference when calling vcap_debugfs_show_rule_keyfield().

Do you have a repro for this? Is this possible to trigger a real nullptr
deref here or it's just "let it be"?

> 
> Fixes: 610c32b2ce66 ("net: microchip: vcap: Add vcap_get_rule")
> Cc: stable at vger.kernel.org # 6.2+
> Signed-off-by: Wentao Liang <vulab at iscas.ac.cn>
> ---
>  drivers/net/ethernet/microchip/vcap/vcap_api_debugfs.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/net/ethernet/microchip/vcap/vcap_api_debugfs.c b/drivers/net/ethernet/microchip/vcap/vcap_api_debugfs.c
> index 59bfbda29bb3..e9e2f7af9be3 100644
> --- a/drivers/net/ethernet/microchip/vcap/vcap_api_debugfs.c
> +++ b/drivers/net/ethernet/microchip/vcap/vcap_api_debugfs.c
> @@ -202,6 +202,8 @@ static int vcap_debugfs_show_rule_keyset(struct vcap_rule_internal *ri,
>  
>  	list_for_each_entry(ckf, &ri->data.keyfields, ctrl.list) {
>  		keyfield = vcap_keyfields(vctrl, admin->vtype, ri->data.keyset);
> +		if (!keyfield)
> +			continue;
>  		vcap_debugfs_show_rule_keyfield(vctrl, out, ckf->ctrl.key,
>  						keyfield, &ckf->data);
>  	}

Thanks,
Olek