| Message ID | 20241115003221.733593-1-kuba@kernel.org (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 0de6a472c3b38432b2f184bd64eb70d9ea36d107 |
| Delegated to: | Netdev Maintainers |
| Headers | show |
| Series | [net-next] net/neighbor: clear error in case strict check is not set | expand |
On Thu, Nov 14, 2024 at 04:32:21PM -0800, Jakub Kicinski wrote: > Commit 51183d233b5a ("net/neighbor: Update neigh_dump_info for strict > data checking") added strict checking. The err variable is not cleared, > so if we find no table to dump we will return the validation error even > if user did not want strict checking. > > I think the only way to hit this is to send an buggy request, and ask > for a table which doesn't exist, so there's no point treating this > as a real fix. I only noticed it because a syzbot repro depended on it > to trigger another bug. > > Signed-off-by: Jakub Kicinski <kuba@kernel.org> > --- > CC: joel.granados@kernel.org Reviewed-by: Simon Horman <horms@kernel.org>
Hello: This patch was applied to netdev/net-next.git (main) by Jakub Kicinski <kuba@kernel.org>: On Thu, 14 Nov 2024 16:32:21 -0800 you wrote: > Commit 51183d233b5a ("net/neighbor: Update neigh_dump_info for strict > data checking") added strict checking. The err variable is not cleared, > so if we find no table to dump we will return the validation error even > if user did not want strict checking. > > I think the only way to hit this is to send an buggy request, and ask > for a table which doesn't exist, so there's no point treating this > as a real fix. I only noticed it because a syzbot repro depended on it > to trigger another bug. > > [...] Here is the summary with links: - [net-next] net/neighbor: clear error in case strict check is not set https://git.kernel.org/netdev/net-next/c/0de6a472c3b3 You are awesome, thank you!
diff --git a/net/core/neighbour.c b/net/core/neighbour.c index 77b819cd995b..cc58315a40a7 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -2876,6 +2876,7 @@ static int neigh_dump_info(struct sk_buff *skb, struct netlink_callback *cb) err = neigh_valid_dump_req(nlh, cb->strict_check, &filter, cb->extack); if (err < 0 && cb->strict_check) return err; + err = 0; s_t = cb->args[0];
Commit 51183d233b5a ("net/neighbor: Update neigh_dump_info for strict data checking") added strict checking. The err variable is not cleared, so if we find no table to dump we will return the validation error even if user did not want strict checking. I think the only way to hit this is to send an buggy request, and ask for a table which doesn't exist, so there's no point treating this as a real fix. I only noticed it because a syzbot repro depended on it to trigger another bug. Signed-off-by: Jakub Kicinski <kuba@kernel.org> --- CC: joel.granados@kernel.org --- net/core/neighbour.c | 1 + 1 file changed, 1 insertion(+)