diff options
author | Kristof Provost <kp@FreeBSD.org> | 2023-09-18 17:01:17 +0000 |
---|---|---|
committer | Kristof Provost <kp@FreeBSD.org> | 2023-09-21 12:00:00 +0000 |
commit | a9326cd7656bdb84b3bbdcf12ed0e66aee19b450 (patch) | |
tree | dcec7c48e71a91c90824a9a2532db9051f76a1c8 | |
parent | 0d648a59fceda79106fe66347b1df5cc11a7fa00 (diff) | |
download | src-a9326cd7656bdb84b3bbdcf12ed0e66aee19b450.tar.gz src-a9326cd7656bdb84b3bbdcf12ed0e66aee19b450.zip |
ndp: cope with unresolved neighbours
If we've not (yet) resolved a neighbour nda_lladdr will be NULL, and
NLA_DATA_LEN(neigh->nda_lladdr) will dereference a NULL pointer.
Avoid that by checking nda_lladdr first, and only dereferencing if it's
not NULL.
Test case:
ping6 -c 1 <non-existant neighbour>
ndp -a
Approved by: re (kib)
Reviewed by: melifaro
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D41903
(cherry picked from commit b57df6fbcc484f1941bf306cb60a3adaf538df69)
(cherry picked from commit 100bed131d76893e9fc03f7a81dca3b83b030359)
-rw-r--r-- | usr.sbin/ndp/ndp_netlink.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.sbin/ndp/ndp_netlink.c b/usr.sbin/ndp/ndp_netlink.c index ace3e5e5fa11..954d16995b5a 100644 --- a/usr.sbin/ndp/ndp_netlink.c +++ b/usr.sbin/ndp/ndp_netlink.c @@ -230,9 +230,12 @@ print_entry(struct snl_parsed_neigh *neigh, struct snl_parsed_link_simple *link) .sdl_family = AF_LINK, .sdl_type = link->ifi_type, .sdl_len = sizeof(struct sockaddr_dl), - .sdl_alen = NLA_DATA_LEN(neigh->nda_lladdr), }; - memcpy(sdl.sdl_data, NLA_DATA(neigh->nda_lladdr), sdl.sdl_alen); + + if (neigh->nda_lladdr) { + sdl.sdl_alen = NLA_DATA_LEN(neigh->nda_lladdr), + memcpy(sdl.sdl_data, NLA_DATA(neigh->nda_lladdr), sdl.sdl_alen); + } addrwidth = strlen(host_buf); if (addrwidth < W_ADDR) |