| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210221174321.14210-3-aahringo@redhat.com>
Date: Sun, 21 Feb 2021 12:43:20 -0500
From: Alexander Aring <aahringo@...hat.com>
To: stefan@...enfreihafen.org
Cc: linux-wpan@...r.kernel.org, netdev@...r.kernel.org
Subject: [PATCH wpan 3/4] net: ieee802154: fix nl802154 add llsec key
This patch fixes a nullpointer dereference if NL802154_ATTR_SEC_KEY is
not set by the user. If this is the case nl802154 will return -EINVAL.
Reported-by: syzbot+ce4e062c2d51977ddc50@...kaller.appspotmail.com
Signed-off-by: Alexander Aring <aahringo@...hat.com>
---
net/ieee802154/nl802154.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/ieee802154/nl802154.c b/net/ieee802154/nl802154.c
index 063b12cba71f..3f6d86d63923 100644
--- a/net/ieee802154/nl802154.c
+++ b/net/ieee802154/nl802154.c
@@ -1544,7 +1544,8 @@ static int nl802154_add_llsec_key(struct sk_buff *skb, struct genl_info *info)
struct ieee802154_llsec_key_id id = { };
u32 commands[NL802154_CMD_FRAME_NR_IDS / 32] = { };
- if (nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))
+ if (!info->attrs[NL802154_ATTR_SEC_KEY] ||
+ nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))
return -EINVAL;
if (!attrs[NL802154_KEY_ATTR_USAGE_FRAMES] ||
--
2.26.2
Powered by blists - more mailing lists