diff --git a/backport-add-NULL-check-before-jsonw_string_field.patch b/backport-add-NULL-check-before-jsonw_string_field.patch new file mode 100644 index 0000000000000000000000000000000000000000..a5cb1c826dc1912beba2515726341db373a7dac3 --- /dev/null +++ b/backport-add-NULL-check-before-jsonw_string_field.patch @@ -0,0 +1,46 @@ +From fd328ccb3cc0d74d6818817b14d9de25aac85331 Mon Sep 17 00:00:00 2001 +From: AntonMoryakov +Date: Sun, 18 May 2025 16:01:11 +0300 +Subject: json_print: add NULL check before jsonw_string_field() in + print_string() + +Static analyzer (Svace) reported a potential null pointer dereference +in print_string(). Specifically, when both 'key' and 'value' are NULL, +the function falls through to jsonw_string_field(_jw, key, value), +which dereferences both pointers. + +Although comments suggest this case is unlikely, it is safer to +explicitly guard against it. This patch adds a check to ensure +both key and value are non-NULL before passing to jsonw_string_field(). + +This resolves: +DEREF_AFTER_NULL: json_print.c:142 + +Found by Svace static analysis tool. + +Signed-off-by: Anton Moryakov +--- + json_print.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/json_print.c b/json_print.c +index 4f62767..dc52f54 100644 +--- a/json_print.c ++++ b/json_print.c +@@ -138,10 +138,11 @@ void print_string(enum output_type type, + jsonw_name(_jw, key); + else if (!key && value) + jsonw_string(_jw, value); +- else ++ else if (key && value) + jsonw_string_field(_jw, key, value); + } else if (_IS_FP_CONTEXT(type)) { +- fprintf(stdout, fmt, value); ++ if (value) ++ fprintf(stdout, fmt, value); + } + } + +-- +2.43.0 + diff --git a/backport-add-NULL-check-for-get_string-in-features.c.patch b/backport-add-NULL-check-for-get_string-in-features.c.patch new file mode 100644 index 0000000000000000000000000000000000000000..4dfd7e477febe2e35ddda657f5a093fa81b39fff --- /dev/null +++ b/backport-add-NULL-check-for-get_string-in-features.c.patch @@ -0,0 +1,43 @@ +From d12a0a7b343e476c735e6bcde03be0ea20192aff Mon Sep 17 00:00:00 2001 +From: Anton Moryakov +Date: Tue, 13 May 2025 23:01:28 +0300 +Subject: netlink: add NULL check for get_string() in features.c + +Report of the static analyzer: +Return value of a function 'get_string' is dereferenced at features.c:279 +without checking for NULL, but it is usually checked for this function (6/7). + +Correct explained: +Added NULL check for get_string() return value before passing to strcmp() +to prevent potential NULL pointer dereference. This matches the behavior +in other similar code paths where get_string() is used. + +Triggers found by static analyzer Svace. + +Fixes: a7a05af4a1ea ("netlink: add netlink handler for sfeatures (-K)") +Signed-off-by: Anton Moryakov +--- + netlink/features.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/netlink/features.c b/netlink/features.c +index 2a0899e..aefa1b5 100644 +--- a/netlink/features.c ++++ b/netlink/features.c +@@ -250,9 +250,11 @@ static int find_feature(const char *name, + const unsigned int count = get_count(feature_names); + unsigned int i; + +- for (i = 0; i < count; i++) +- if (!strcmp(name, get_string(feature_names, i))) ++ for (i = 0; i < count; i++){ ++ const char *str = get_string(feature_names, i); ++ if (str && !strcmp(name, str)) + return i; ++ } + + return -1; + } +-- +2.43.0 + diff --git a/ethtool.spec b/ethtool.spec index cadae3640e96ae1ffd710242484c4142105c2ffd..937a8e4554c482237f1e4187652254e8cd8940b8 100644 --- a/ethtool.spec +++ b/ethtool.spec @@ -1,7 +1,7 @@ Name: ethtool Epoch: 2 Version: 5.15 -Release: 8 +Release: 9 Summary: Settings tool for Ethernet NICs License: GPLv2 URL: https://www.kernel.org/pub/software/network/ethtool @@ -38,6 +38,8 @@ Patch27: backport-ethtool-Fix-SFF-8472-transceiver-module-identificati.pa Patch28: backport-net-ethtool-Add-default-branch-to-sff8636_show_all_i.patch Patch29: backport-qsfp-Better-handling-of-Page-03h-netlink-read-failur.patch Patch30: backport-module-eeprom-treat-zero-arguments-like-any-other-ar.patch +Patch31: backport-add-NULL-check-before-jsonw_string_field.patch +Patch32: backport-add-NULL-check-for-get_string-in-features.c.patch BuildRequires: gcc BuildRequires: libmnl-devel @@ -85,6 +87,13 @@ make check %{_mandir}/man8/%{name}.8* %changelog +* Thu Oct 16 2025 zhangyaqi - 2:5.15-9 +- Type:bugfix +- Id:NA +- SUG:NA +- DESC:add NULL check before jsonw_string_field() in print_string() + netlink: add NULL check for get_string() in features.c + * Wed Jul 30 2025 andy - 2:5.15-8 - Type:requirement - Id:NA