| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 3 Oct 2022 21:34:43 +0900
From: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To: patchwork-bot+netdevbpf@...nel.org,
"David S. Miller" <davem@...emloft.net>
Cc: alex.aring@...il.com, stefan@...enfreihafen.org,
shaozhengchao@...wei.com, ast@...nel.org, sdf@...gle.com,
linux-wpan@...r.kernel.org,
syzbot+5ea725c25d06fb9114c4@...kaller.appspotmail.com,
syzkaller-bugs@...glegroups.com, bpf@...r.kernel.org,
netdev@...r.kernel.org
Subject: Re: [PATCH] net/ieee802154: reject zero-sized raw_sendmsg()
On 2022/10/03 21:30, patchwork-bot+netdevbpf@...nel.org wrote:
> Hello:
>
> This patch was applied to netdev/net.git (master)
> by David S. Miller <davem@...emloft.net>:
>
> On Sun, 2 Oct 2022 01:43:44 +0900 you wrote:
>> syzbot is hitting skb_assert_len() warning at raw_sendmsg() for ieee802154
>> socket. What commit dc633700f00f726e ("net/af_packet: check len when
>> min_header_len equals to 0") does also applies to ieee802154 socket.
>>
>> Link: https://syzkaller.appspot.com/bug?extid=5ea725c25d06fb9114c4
>> Reported-by: syzbot <syzbot+5ea725c25d06fb9114c4@...kaller.appspotmail.com>
>> Fixes: fd1894224407c484 ("bpf: Don't redirect packets with invalid pkt_len")
>> Signed-off-by: Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
>>
>> [...]
>
> Here is the summary with links:
> - net/ieee802154: reject zero-sized raw_sendmsg()
> https://git.kernel.org/netdev/net/c/3a4d061c699b
Are you sure that returning -EINVAL is OK?
In v2 patch, I changed to return 0, for PF_IEEE802154 socket's zero-sized
raw_sendmsg() request was able to return 0.
>
> You are awesome, thank you!
Powered by blists - more mailing lists