diff --git a/backport-add-NULL-check-before-jsonw_string_field.patch b/backport-add-NULL-check-before-jsonw_string_field.patch new file mode 100644 index 0000000000000000000000000000000000000000..a5cb1c826dc1912beba2515726341db373a7dac3 --- /dev/null +++ b/backport-add-NULL-check-before-jsonw_string_field.patch @@ -0,0 +1,46 @@ +From fd328ccb3cc0d74d6818817b14d9de25aac85331 Mon Sep 17 00:00:00 2001 +From: AntonMoryakov +Date: Sun, 18 May 2025 16:01:11 +0300 +Subject: json_print: add NULL check before jsonw_string_field() in + print_string() + +Static analyzer (Svace) reported a potential null pointer dereference +in print_string(). Specifically, when both 'key' and 'value' are NULL, +the function falls through to jsonw_string_field(_jw, key, value), +which dereferences both pointers. + +Although comments suggest this case is unlikely, it is safer to +explicitly guard against it. This patch adds a check to ensure +both key and value are non-NULL before passing to jsonw_string_field(). + +This resolves: +DEREF_AFTER_NULL: json_print.c:142 + +Found by Svace static analysis tool. + +Signed-off-by: Anton Moryakov +--- + json_print.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/json_print.c b/json_print.c +index 4f62767..dc52f54 100644 +--- a/json_print.c ++++ b/json_print.c +@@ -138,10 +138,11 @@ void print_string(enum output_type type, + jsonw_name(_jw, key); + else if (!key && value) + jsonw_string(_jw, value); +- else ++ else if (key && value) + jsonw_string_field(_jw, key, value); + } else if (_IS_FP_CONTEXT(type)) { +- fprintf(stdout, fmt, value); ++ if (value) ++ fprintf(stdout, fmt, value); + } + } + +-- +2.43.0 + diff --git a/backport-add-NULL-check-for-get_string-in-features.c.patch b/backport-add-NULL-check-for-get_string-in-features.c.patch new file mode 100644 index 0000000000000000000000000000000000000000..d605638a45a2dc4640d58c143f73548af7f4ce63 --- /dev/null +++ b/backport-add-NULL-check-for-get_string-in-features.c.patch @@ -0,0 +1,43 @@ +From d12a0a7b343e476c735e6bcde03be0ea20192aff Mon Sep 17 00:00:00 2001 +From: Anton Moryakov +Date: Tue, 13 May 2025 23:01:28 +0300 +Subject: netlink: add NULL check for get_string() in features.c + +Report of the static analyzer: +Return value of a function 'get_string' is dereferenced at features.c:279 +without checking for NULL, but it is usually checked for this function (6/7). + +Correct explained: +Added NULL check for get_string() return value before passing to strcmp() +to prevent potential NULL pointer dereference. This matches the behavior +in other similar code paths where get_string() is used. + +Triggers found by static analyzer Svace. + +Fixes: a7a05af4a1ea ("netlink: add netlink handler for sfeatures (-K)") +Signed-off-by: Anton Moryakov +--- + netlink/features.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/netlink/features.c b/netlink/features.c +index 5711ff4..6eb2139 100644 +--- a/netlink/features.c ++++ b/netlink/features.c +@@ -275,9 +275,11 @@ static int find_feature(const char *name, + const unsigned int count = get_count(feature_names); + unsigned int i; + +- for (i = 0; i < count; i++) +- if (!strcmp(name, get_string(feature_names, i))) ++ for (i = 0; i < count; i++){ ++ const char *str = get_string(feature_names, i); ++ if (str && !strcmp(name, str)) + return i; ++ } + + return -1; + } +-- +2.43.0 + diff --git a/ethtool.spec b/ethtool.spec index 21f4524c315d096a3243414a66ff9d481c48a961..4ce64edcec7a0ecc81a9af8e9dd2c5f2977e3a7b 100644 --- a/ethtool.spec +++ b/ethtool.spec @@ -1,7 +1,7 @@ Name: ethtool Epoch: 2 Version: 6.6 -Release: 3 +Release: 4 Summary: Settings tool for Ethernet NICs License: GPL-2.0-only AND GPL-2.0-or-later URL: https://www.kernel.org/pub/software/network/ethtool @@ -9,6 +9,8 @@ Source0: https://www.kernel.org/pub/software/network/%{name}/%{name}-%{version}. Patch0: netlink-fix-typo.patch patch1: ethtool-add-suppport-specifications-for-vxlan-by-eth.patch +patch2: backport-add-NULL-check-before-jsonw_string_field.patch +patch3: backport-add-NULL-check-for-get_string-in-features.c.patch BuildRequires: gcc BuildRequires: libmnl-devel @@ -56,6 +58,13 @@ make check %{_mandir}/man8/%{name}.8* %changelog +* Thu Oct 16 2025 zhangyaqi - 2:6.6-4 +- Type:bugfix +- Id:NA +- SUG:NA +- DESC:add NULL check before jsonw_string_field() in print_string() + netlink: add NULL check for get_string() in features.c + * Fri May 10 2024 Hao Chen - 2:6.6-3 - Type:bugfix - Id:NA