core: Handle exhaution of message contexts If message contexts are exhausted, there is a possibility of NULL pointer dereference. Close this attack surface with a check on the message context creation status. Signed-off-by: Sumanth Bhat <sumanth.bhat@linux.intel.com> Change-Id: I208349b74a27a14b180c976bd78ec81a7991e43f

commit: 34d4c96fcf9691e060d8a7f56633bf196c82a52f [log] [tgz]
author: Sumanth Bhat <sumanth.bhat@linux.intel.com> Wed Jun 16 12:50:48 2021 +0530
committer: Andrew Jeffery <andrew@aj.id.au> Tue Jun 22 22:14:25 2021 +0930
tree: e721cb2849693fdfaca46725e02d768eafa5f558
parent: bc79c24e07f9532c0095de431628b47510ff033a [diff] [blame]
diff --git a/core.c b/core.c
index 2ab5d5f..1050c4d 100644
--- a/core.c
+++ b/core.c

@@ -544,6 +544,12 @@
 		} else {
 			ctx = mctp_msg_ctx_create(mctp,
 					hdr->src, hdr->dest, tag);
+			/* If context creation fails due to exhaution of contexts we
+			* can support, drop the packet */
+			if (!ctx) {
+				mctp_prdebug("Context buffers exhausted.");
+				goto out;
+			}
 		}
 
 		/* Save the fragment size, subsequent middle fragments
commit	34d4c96fcf9691e060d8a7f56633bf196c82a52f	[log] [tgz]
author	Sumanth Bhat <sumanth.bhat@linux.intel.com>	Wed Jun 16 12:50:48 2021 +0530
committer	Andrew Jeffery <andrew@aj.id.au>	Tue Jun 22 22:14:25 2021 +0930
tree	e721cb2849693fdfaca46725e02d768eafa5f558
parent	bc79c24e07f9532c0095de431628b47510ff033a [diff] [blame]