diff options
author | Kristof Provost <kp@FreeBSD.org> | 2023-09-18 17:01:17 +0000 |
---|---|---|
committer | Kristof Provost <kp@FreeBSD.org> | 2023-09-18 18:12:45 +0000 |
commit | b57df6fbcc484f1941bf306cb60a3adaf538df69 (patch) | |
tree | 58696ca55e50dc487bf964889e60e3a4299f0678 /usr.sbin/ndp | |
parent | 227d01c1bc7caf2e838ee6eef1e6a3cc81d79d1b (diff) | |
download | src-b57df6fbcc484f1941bf306cb60a3adaf538df69.tar.gz src-b57df6fbcc484f1941bf306cb60a3adaf538df69.zip |
ndp: cope with unresolved neighbours
If we've not (yet) resolved a neighbour nda_lladdr will be NULL, and
NLA_DATA_LEN(neigh->nda_lladdr) will dereference a NULL pointer.
Avoid that by checking nda_lladdr first, and only dereferencing if it's
not NULL.
Test case:
ping6 -c 1 <non-existant neighbour>
ndp -a
Reviewed by: melifaro
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D41903
Diffstat (limited to 'usr.sbin/ndp')
-rw-r--r-- | usr.sbin/ndp/ndp_netlink.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/usr.sbin/ndp/ndp_netlink.c b/usr.sbin/ndp/ndp_netlink.c index ace3e5e5fa11..954d16995b5a 100644 --- a/usr.sbin/ndp/ndp_netlink.c +++ b/usr.sbin/ndp/ndp_netlink.c @@ -230,9 +230,12 @@ print_entry(struct snl_parsed_neigh *neigh, struct snl_parsed_link_simple *link) .sdl_family = AF_LINK, .sdl_type = link->ifi_type, .sdl_len = sizeof(struct sockaddr_dl), - .sdl_alen = NLA_DATA_LEN(neigh->nda_lladdr), }; - memcpy(sdl.sdl_data, NLA_DATA(neigh->nda_lladdr), sdl.sdl_alen); + + if (neigh->nda_lladdr) { + sdl.sdl_alen = NLA_DATA_LEN(neigh->nda_lladdr), + memcpy(sdl.sdl_data, NLA_DATA(neigh->nda_lladdr), sdl.sdl_alen); + } addrwidth = strlen(host_buf); if (addrwidth < W_ADDR) |