lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Y2lOg/xnjxNt+vUi@google.com>
Date:   Mon, 7 Nov 2022 10:29:23 -0800
From:   Dmitry Torokhov <dmitry.torokhov@...il.com>
To:     Tetsuo Handa <penguin-kernel@...ove.sakura.ne.jp>
Cc:     Greg Tulli <greg.iforce@...il.com>,
        syzbot <syzbot+4dd880c1184280378821@...kaller.appspotmail.com>,
        syzkaller-bugs@...glegroups.com, linux-input@...r.kernel.org,
        linux-kernel@...r.kernel.org, glider@...gle.com
Subject: Re: [PATCH] Input: iforce - invert valid length check when fetching
 device IDs

On Mon, Nov 07, 2022 at 07:47:15PM +0900, Tetsuo Handa wrote:
> syzbot is reporting uninitialized value at iforce_init_device() [1], for
> commit 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer
> when fetching device IDs") is checking that valid length is shorter than
> bytes to read. Since iforce_get_id_packet() stores valid length when
> returning 0, the caller needs to check that valid length is longer than or
> equals to bytes to read.
> 
> Link: https://syzkaller.appspot.com/bug?extid=4dd880c1184280378821 [1]
> Reported-by: syzbot <syzbot+4dd880c1184280378821@...kaller.appspotmail.com>
> Signed-off-by: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
> Fixes: 6ac0aec6b0a6 ("Input: iforce - allow callers supply data buffer when fetching device IDs")

Applied, thank you.

-- 
Dmitry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ