lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <f7e87879-1ac6-65e5-5162-c251204f07d4@datenfreihafen.org>
Date:   Tue, 23 Aug 2022 10:40:13 +0200
From:   Stefan Schmidt <stefan@...enfreihafen.org>
To:     Haimin Zhang <tcs.kernel@...il.com>, alex.aring@...il.com,
        davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
        pabeni@...hat.com, linux-wpan@...r.kernel.org,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     Haimin Zhang <tcs_kernel@...cent.com>
Subject: Re: [PATCH] net/ieee802154: fix uninit value bug in dgram_sendmsg

Hello.

On 22.08.22 09:19, Haimin Zhang wrote:
> There is uninit value bug in dgram_sendmsg function in
> net/ieee802154/socket.c when the length of valid data pointed by the
> msg->msg_name isn't verified.
> 
> This length is specified by msg->msg_namelen. Function
> ieee802154_addr_from_sa is called by dgram_sendmsg, which use
> msg->msg_name as struct sockaddr_ieee802154* and read it, that will
> eventually lead to uninit value read. So we should check the length of
> msg->msg_name is not less than sizeof(struct sockaddr_ieee802154)
> before entering the ieee802154_addr_from_sa.
> 
> Signed-off-by: Haimin Zhang <tcs_kernel@...cent.com>


This patch has been applied to the wpan tree and will be
part of the next pull request to net. Thanks!

Btw, I got a warning from the checkpatch script that your author and SOB 
email addresses do not match. Might be a good idea to fix this.
If you are having trouble to send patches through the company mail 
server there is always the option to use the gmail address for sending 
the mail and an internal From: header in the patch to fix up the author.

regards
Stefan Schmidt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ