i40e: Add checking for null for nlmsg_find_attr()

The result of nlmsg_find_attr() 'br_spec' is dereferenced in nla_for_each_nested(), but it can take NULL value in nla_find() function, which will result in an error. Found by Linux Verification Center (linuxtesting.org) with SVACE. Fixes: 51616018dd1b ("i40e: Add support for getlink, setlink ndo ops") Signed-off-by: Natalia Petrova <[email protected]> Reviewed-by: Jesse Brandeburg <[email protected]> Tested-by: Gurucharan G <[email protected]> (A Contingent worker at Intel) Signed-off-by: Tony Nguyen <[email protected]> Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Jakub Kicinski <[email protected]>
author: Natalia Petrova <[email protected]> 2023-02-09 09:28:33 -0800
committer: Jakub Kicinski <[email protected]> 2023-02-10 19:51:35 -0800
commit: 7fa0b526f865cb42aa33917fd02a92cb03746f4d (patch)
tree: 42b25d361be5f7e8a8a4d10a64043b82be232695
parent: 1f090494170ea298530cf1285fb8d078e355b4c0 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/drivers/net/ethernet/intel/i40e/i40e_main.c b/drivers/net/ethernet/intel/i40e/i40e_main.c
index 53d0083e35da..4626d2a1af91 100644
--- a/drivers/net/ethernet/intel/i40e/i40e_main.c
+++ b/drivers/net/ethernet/intel/i40e/i40e_main.c
@@ -13167,6 +13167,8 @@ static int i40e_ndo_bridge_setlink(struct net_device *dev,
 	}
 
 	br_spec = nlmsg_find_attr(nlh, sizeof(struct ifinfomsg), IFLA_AF_SPEC);
+	if (!br_spec)
+		return -EINVAL;
 
 	nla_for_each_nested(attr, br_spec, rem) {
 		__u16 mode;
author	Natalia Petrova <[email protected]>	2023-02-09 09:28:33 -0800
committer	Jakub Kicinski <[email protected]>	2023-02-10 19:51:35 -0800
commit	7fa0b526f865cb42aa33917fd02a92cb03746f4d (patch)
tree	42b25d361be5f7e8a8a4d10a64043b82be232695
parent	1f090494170ea298530cf1285fb8d078e355b4c0 (diff)