From: Dan Carpenter Date: Sat, 12 May 2012 01:00:03 +0000 (+0000) Subject: netfilter: xt_HMARK: potential NULL dereference in get_inner_hdr() X-Git-Tag: firefly_0821_release~3680^2~2787^2~25 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=58618115492711d99fbccb79c5317299e32231fe;p=firefly-linux-kernel-4.4.55.git netfilter: xt_HMARK: potential NULL dereference in get_inner_hdr() There is a typo in the error checking and "&&" was used instead of "||". If skb_header_pointer() returns NULL then it leads to a NULL dereference. Signed-off-by: Dan Carpenter Acked-by: Hans Schillstrom Signed-off-by: Pablo Neira Ayuso --- diff --git a/net/netfilter/xt_HMARK.c b/net/netfilter/xt_HMARK.c index 32fbd735d02b..5817d03105b2 100644 --- a/net/netfilter/xt_HMARK.c +++ b/net/netfilter/xt_HMARK.c @@ -223,7 +223,7 @@ static int get_inner_hdr(const struct sk_buff *skb, int iphsz, int *nhoff) /* Not enough header? */ icmph = skb_header_pointer(skb, *nhoff + iphsz, sizeof(_ih), &_ih); - if (icmph == NULL && icmph->type > NR_ICMP_TYPES) + if (icmph == NULL || icmph->type > NR_ICMP_TYPES) return 0; /* Error message? */