leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a66c5ed539
linux/drivers/net/ieee802154
History
Pavel Skripkin 754e438235 ieee802154: atusb: fix uninit value in atusb_set_extended_addr 
Alexander reported a use of uninitialized value in
atusb_set_extended_addr(), that is caused by reading 0 bytes via
usb_control_msg().

Fix it by validating if the number of bytes transferred is actually
correct, since usb_control_msg() may read less bytes, than was requested
by caller.

Fail log:

BUG: KASAN: uninit-cmp in ieee802154_is_valid_extended_unicast_addr include/linux/ieee802154.h:310 [inline]
BUG: KASAN: uninit-cmp in atusb_set_extended_addr drivers/net/ieee802154/atusb.c:1000 [inline]
BUG: KASAN: uninit-cmp in atusb_probe.cold+0x29f/0x14db drivers/net/ieee802154/atusb.c:1056
Uninit value used in comparison: 311daa649a2003bd stack handle: 000000009a2003bd
 ieee802154_is_valid_extended_unicast_addr include/linux/ieee802154.h:310 [inline]
 atusb_set_extended_addr drivers/net/ieee802154/atusb.c:1000 [inline]
 atusb_probe.cold+0x29f/0x14db drivers/net/ieee802154/atusb.c:1056
 usb_probe_interface+0x314/0x7f0 drivers/usb/core/driver.c:396

Fixes: 7490b008d1 ("ieee802154: add support for atusb transceiver")
Reported-by: Alexander Potapenko <glider@google.com>
Acked-by: Alexander Aring <aahringo@redhat.com>
Signed-off-by: Pavel Skripkin <paskripkin@gmail.com>
Link: https://lore.kernel.org/r/20220104182806.7188-1-paskripkin@gmail.com
Signed-off-by: Stefan Schmidt <stefan@datenfreihafen.org>
2022-01-04 20:10:04 +01:00
..
adf7242.c ieee802154/adf7242: check status of adf7242_read_reg 2020-08-03 20:19:21 +02:00
at86rf230.c
at86rf230.h
atusb.c ieee802154: atusb: fix uninit value in atusb_set_extended_addr 2022-01-04 20:10:04 +01:00
atusb.h
ca8210.c ieee802154: Remove redundant 'flush_workqueue()' calls 2021-10-19 13:23:38 +01:00
cc2520.c
fakelb.c
Kconfig treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
mac802154_hwsim.c ieee802154: hwsim: fix GPF in hwsim_new_edge_nl 2021-07-08 09:37:03 +02:00
mac802154_hwsim.h
Makefile
mcr20a.c
mcr20a.h
mrf24j40.c net: ieee802154: mrf24j40: Drop unneeded of_match_ptr() 2021-06-03 10:32:04 +02:00