linux/net/rds
Tetsuo Handa dd3ac9a684 net/rds: Check address length before reading address family
syzbot is reporting uninitialized value at rds_connect() [1] and
rds_bind() [2]. This is because syzbot is passing ulen == 0 whereas
these functions expect that it is safe to access sockaddr->family field
in order to determine minimal address length for validation.

[1] https://syzkaller.appspot.com/bug?id=f4e61c010416c1e6f0fa3ffe247561b60a50ad71
[2] https://syzkaller.appspot.com/bug?id=a4bf9e41b7e055c3823fdcd83e8c58ca7270e38f

Reported-by: syzbot <syzbot+0049bebbf3042dbd2e8f@syzkaller.appspotmail.com>
Reported-by: syzbot <syzbot+915c9f99f3dbc4bd6cd1@syzkaller.appspotmail.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Acked-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-04-12 10:25:03 -07:00
..
af_rds.c net/rds: Check address length before reading address family 2019-04-12 10:25:03 -07:00
bind.c net/rds: Check address length before reading address family 2019-04-12 10:25:03 -07:00
cong.c rds: Changing IP address internal representation to struct in6_addr 2018-07-23 21:17:44 -07:00
connection.c rds: add type of service(tos) infrastructure 2019-02-04 14:59:12 -08:00
ib_cm.c rds: rdma: update rdma transport for tos 2019-02-04 14:59:13 -08:00
ib_fmr.c IB/core: Remove ib_sg_dma_address() and ib_sg_dma_len() 2019-02-04 14:34:07 -07:00
ib_frmr.c IB/core: Remove ib_sg_dma_address() and ib_sg_dma_len() 2019-02-04 14:34:07 -07:00
ib_mr.h Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-02 10:55:32 -07:00
ib_rdma.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/davem/net 2018-08-02 10:55:32 -07:00
ib_recv.c 5.1 Merge Window Pull Request 2019-03-09 15:53:03 -08:00
ib_ring.c
ib_send.c 5.1 Merge Window Pull Request 2019-03-09 15:53:03 -08:00
ib_stats.c RDS: IB: add few useful cache stasts 2017-01-02 14:02:51 -08:00
ib_sysctl.c net: Convert uses of typedef ctl_table to struct ctl_table 2013-06-13 02:36:09 -07:00
ib.c rds: add transport specific tos_map hook 2019-02-04 14:59:13 -08:00
ib.h 5.1 Merge Window Pull Request 2019-03-09 15:53:03 -08:00
info.c treewide: kmalloc() -> kmalloc_array() 2018-06-12 16:19:22 -07:00
info.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig net/rds: RDS is not Radio Data System 2018-08-31 23:09:53 -07:00
loop.c rds: Changing IP address internal representation to struct in6_addr 2018-07-23 21:17:44 -07:00
loop.h rds: clean up loopback rds_connections on netns deletion 2018-06-27 10:11:03 +09:00
Makefile rds: remove trailing whitespace and blank lines 2018-07-24 14:10:42 -07:00
message.c rds: use DIV_ROUND_UP instead of ceil 2019-01-07 07:22:36 -08:00
page.c rds: remove dead code 2016-12-26 21:35:39 -05:00
rdma_transport.c rds: rdma: update rdma transport for tos 2019-02-04 14:59:13 -08:00
rdma_transport.h rds: rdma: add consumer reject 2019-02-04 14:59:11 -08:00
rdma.c net/rds: remove user triggered WARN_ON in rds_sendmsg 2018-12-19 10:27:58 -08:00
rds_single_path.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rds.h rds: add transport specific tos_map hook 2019-02-04 14:59:13 -08:00
recv.c rds: add type of service(tos) infrastructure 2019-02-04 14:59:12 -08:00
send.c rds: rdma: update rdma transport for tos 2019-02-04 14:59:13 -08:00
stats.c net/rds: zero last byte for strncpy 2013-03-08 00:35:44 -05:00
sysctl.c net: rds: fix coding style issues 2016-06-18 21:34:09 -07:00
tcp_connect.c rds: Enable RDS IPv6 support 2018-07-23 21:17:44 -07:00
tcp_listen.c rds: add type of service(tos) infrastructure 2019-02-04 14:59:12 -08:00
tcp_recv.c rds: Changing IP address internal representation to struct in6_addr 2018-07-23 21:17:44 -07:00
tcp_send.c rds: Changing IP address internal representation to struct in6_addr 2018-07-23 21:17:44 -07:00
tcp_stats.c
tcp.c net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). 2019-03-28 17:17:18 -07:00
tcp.h rds: Enable RDS IPv6 support 2018-07-23 21:17:44 -07:00
threads.c rds: make v3.1 as compat version 2019-02-04 14:59:11 -08:00
transport.c rds: remove trailing whitespace and blank lines 2018-07-24 14:10:42 -07:00