Message ID | 20230301154450.547716-1-miquel.raynal@bootlin.com (mailing list archive) |
---|---|
State | Awaiting Upstream |
Delegated to: | Netdev Maintainers |
Headers | show |
Series | [net] ieee802154: Prevent user from crashing the host | expand |
Hello, miquel.raynal@bootlin.com wrote on Wed, 1 Mar 2023 16:44:50 +0100: > Avoid crashing the machine by checking > info->attrs[NL802154_ATTR_SCAN_TYPE] presence before de-referencing it, > which was the primary intend of the blamed patch. Subject should have been wpan instead of net, sorry for the confusion. > Reported-by: Sanan Hasanov <sanan.hasanov@Knights.ucf.edu> > Suggested-by: Eric Dumazet <edumazet@google.com> > Fixes: a0b6106672b5 ("ieee802154: Convert scan error messages to extack") > Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> > --- > net/ieee802154/nl802154.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/ieee802154/nl802154.c b/net/ieee802154/nl802154.c > index 88380606af2c..a18fb98a4b09 100644 > --- a/net/ieee802154/nl802154.c > +++ b/net/ieee802154/nl802154.c > @@ -1412,7 +1412,7 @@ static int nl802154_trigger_scan(struct sk_buff *skb, struct genl_info *info) > return -EOPNOTSUPP; > } > > - if (!nla_get_u8(info->attrs[NL802154_ATTR_SCAN_TYPE])) { > + if (!info->attrs[NL802154_ATTR_SCAN_TYPE]) { > NL_SET_ERR_MSG(info->extack, "Malformed request, missing scan type"); > return -EINVAL; > } Thanks, Miquèl
Hello, On Thu, 2023-03-02 at 09:48 +0100, Miquel Raynal wrote: > miquel.raynal@bootlin.com wrote on Wed, 1 Mar 2023 16:44:50 +0100: > > > Avoid crashing the machine by checking > > info->attrs[NL802154_ATTR_SCAN_TYPE] presence before de-referencing it, > > which was the primary intend of the blamed patch. > > Subject should have been wpan instead of net, sorry for the confusion. I read the above as you intend this patch to go through Alexander/Stefan tree, thus dropping from netdev PW. LMK if you prefer otherwise, thanks! Paolo
Hello. On 01.03.23 16:44, Miquel Raynal wrote: > Avoid crashing the machine by checking > info->attrs[NL802154_ATTR_SCAN_TYPE] presence before de-referencing it, > which was the primary intend of the blamed patch. > > Reported-by: Sanan Hasanov <sanan.hasanov@Knights.ucf.edu> > Suggested-by: Eric Dumazet <edumazet@google.com> > Fixes: a0b6106672b5 ("ieee802154: Convert scan error messages to extack") > Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> > --- > net/ieee802154/nl802154.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/ieee802154/nl802154.c b/net/ieee802154/nl802154.c > index 88380606af2c..a18fb98a4b09 100644 > --- a/net/ieee802154/nl802154.c > +++ b/net/ieee802154/nl802154.c > @@ -1412,7 +1412,7 @@ static int nl802154_trigger_scan(struct sk_buff *skb, struct genl_info *info) > return -EOPNOTSUPP; > } > > - if (!nla_get_u8(info->attrs[NL802154_ATTR_SCAN_TYPE])) { > + if (!info->attrs[NL802154_ATTR_SCAN_TYPE]) { > NL_SET_ERR_MSG(info->extack, "Malformed request, missing scan type"); > return -EINVAL; > } This patch has been applied to the wpan tree and will be part of the next pull request to net. Thanks! regards Stefan Schmidt
Hello Paolo. On 02.03.23 11:20, Paolo Abeni wrote: > Hello, > > On Thu, 2023-03-02 at 09:48 +0100, Miquel Raynal wrote: >> miquel.raynal@bootlin.com wrote on Wed, 1 Mar 2023 16:44:50 +0100: >> >>> Avoid crashing the machine by checking >>> info->attrs[NL802154_ATTR_SCAN_TYPE] presence before de-referencing it, >>> which was the primary intend of the blamed patch. >> >> Subject should have been wpan instead of net, sorry for the confusion. > > I read the above as you intend this patch to go through > Alexander/Stefan tree, thus dropping from netdev PW. That is correct. I just applied it and will send a pull request for net later today once it passed all my tests here. regards Stefan Schmidt
diff --git a/net/ieee802154/nl802154.c b/net/ieee802154/nl802154.c index 88380606af2c..a18fb98a4b09 100644 --- a/net/ieee802154/nl802154.c +++ b/net/ieee802154/nl802154.c @@ -1412,7 +1412,7 @@ static int nl802154_trigger_scan(struct sk_buff *skb, struct genl_info *info) return -EOPNOTSUPP; } - if (!nla_get_u8(info->attrs[NL802154_ATTR_SCAN_TYPE])) { + if (!info->attrs[NL802154_ATTR_SCAN_TYPE]) { NL_SET_ERR_MSG(info->extack, "Malformed request, missing scan type"); return -EINVAL; }
Avoid crashing the machine by checking info->attrs[NL802154_ATTR_SCAN_TYPE] presence before de-referencing it, which was the primary intend of the blamed patch. Reported-by: Sanan Hasanov <sanan.hasanov@Knights.ucf.edu> Suggested-by: Eric Dumazet <edumazet@google.com> Fixes: a0b6106672b5 ("ieee802154: Convert scan error messages to extack") Signed-off-by: Miquel Raynal <miquel.raynal@bootlin.com> --- net/ieee802154/nl802154.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)