bpf: Fix dev pointer dereference from sk_skb
authorJoe Stringer <joe@wand.net.nz>
Fri, 12 Oct 2018 21:50:53 +0000 (14:50 -0700)
committerAlexei Starovoitov <ast@kernel.org>
Sun, 14 Oct 2018 06:03:08 +0000 (23:03 -0700)
Dan Carpenter reports:

The patch 6acc9b432e67: "bpf: Add helper to retrieve socket in BPF"
from Oct 2, 2018, leads to the following Smatch complaint:

    net/core/filter.c:4893 bpf_sk_lookup()
    error: we previously assumed 'skb->dev' could be null (see line 4885)

Fix this issue by checking skb->dev before using it.

Signed-off-by: Joe Stringer <joe@wand.net.nz>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
net/core/filter.c

index 4bbc656..b844761 100644 (file)
@@ -4821,9 +4821,12 @@ static const struct bpf_func_proto bpf_lwt_seg6_adjust_srh_proto = {
 static struct sock *sk_lookup(struct net *net, struct bpf_sock_tuple *tuple,
                              struct sk_buff *skb, u8 family, u8 proto)
 {
-       int dif = skb->dev->ifindex;
        bool refcounted = false;
        struct sock *sk = NULL;
+       int dif = 0;
+
+       if (skb->dev)
+               dif = skb->dev->ifindex;
 
        if (family == AF_INET) {
                __be32 src4 = tuple->ipv4.saddr;