| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YeZbzM6TDCIEvCUc@kroah.com>
Date: Tue, 18 Jan 2022 07:18:52 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: Pavel Skripkin <paskripkin@...il.com>
Cc: davem@...emloft.net, kuba@...nel.org, linux@...pel-privat.de,
andrew@...n.ch, oneukum@...e.com, robert.foss@...labora.com,
freddy@...x.com.tw, linux-usb@...r.kernel.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
syzbot+6ca9f7867b77c2d316ac@...kaller.appspotmail.com
Subject: Re: [PATCH RFT] net: asix: add proper error handling of usb read
errors
On Mon, Jan 17, 2022 at 10:31:21PM +0300, Pavel Skripkin wrote:
> On 1/5/22 16:19, Pavel Skripkin wrote:
> > Syzbot once again hit uninit value in asix driver. The problem still the
> > same -- asix_read_cmd() reads less bytes, than was requested by caller.
> >
> > Since all read requests are performed via asix_read_cmd() let's catch
> > usb related error there and add __must_check notation to be sure all
> > callers actually check return value.
> >
> > So, this patch adds sanity check inside asix_read_cmd(), that simply
> > checks if bytes read are not less, than was requested and adds missing
> > error handling of asix_read_cmd() all across the driver code.
> >
> > Fixes: d9fe64e51114 ("net: asix: Add in_pm parameter")
> > Reported-and-tested-by: syzbot+6ca9f7867b77c2d316ac@...kaller.appspotmail.com
> > Signed-off-by: Pavel Skripkin <paskripkin@...il.com>
> > ---
>
> gentle ping :)
It's the middle of a merge window, and you ask for testing before it can
be applied?
confused,
greg k-h
Powered by blists - more mailing lists