]> git.proxmox.com Git - mirror_iproute2.git/commitdiff
projects / mirror_iproute2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3dec726)
ss: fix NULL dereference when rendering without header
authorJean-Philippe Brucker <jphilippe.brucker@gmail.com>
Sat, 3 Mar 2018 16:59:44 +0000 (16:59 +0000)
committerStephen Hemminger <stephen@networkplumber.org>
Sun, 4 Mar 2018 17:01:31 +0000 (09:01 -0800)
When ss is invoked with the no-header flag, if the query doesn't return
any result, render() is called with 'buffer' uninitialized. This
currently leads to a segfault. Ensure that buffer is initialized before
rendering.

The bug can be triggered with: ss -H sport = 100000

Signed-off-by: Jean-Philippe Brucker <jphilippe.brucker@gmail.com>
Acked-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
misc/ss.c patch | blob | blame | history

diff --git a/misc/ss.c b/misc/ss.c
index e047f9c04582fc66a8fe4b2163d50d3781b645a9..e087bef739b0df258c6882f278ca9a6799e49a99 100644 (file)
--- a/misc/ss.c
+++ b/misc/ss.c
@@ -1197,10 +1197,15 @@ newline:
 /* Render buffered output with spacing and delimiters, then free up buffers */
 static void render(int screen_width)
 {
-       struct buf_token *token = (struct buf_token *)buffer.head->data;
+       struct buf_token *token;
        int printed, line_started = 0;
        struct column *f;
 
+       if (!buffer.head)
+               return;
+
+       token = (struct buf_token *)buffer.head->data;
+
        /* Ensure end alignment of last token, it wasn't necessarily flushed */
        buffer.tail->end += buffer.cur->len % 2;
 
Upstream mirror of iproute2