korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-18 01:34:14 +08:00
Code Issues Packages Projects Releases Wiki Activity
ea26bf5eca
linux/net/tipc
History
Hoang Le 92a930fcf4 tipc: check attribute length for bearer name 
[ Upstream commit 7f36f798f8 ]

syzbot reported uninit-value:
=====================================================
BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:644 [inline]
BUG: KMSAN: uninit-value in string+0x4f9/0x6f0 lib/vsprintf.c:725
 string_nocheck lib/vsprintf.c:644 [inline]
 string+0x4f9/0x6f0 lib/vsprintf.c:725
 vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806
 vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158
 vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256
 vprintk_default+0x86/0xa0 kernel/printk/printk.c:2283
 vprintk+0x15f/0x180 kernel/printk/printk_safe.c:50
 _printk+0x18d/0x1cf kernel/printk/printk.c:2293
 tipc_enable_bearer net/tipc/bearer.c:371 [inline]
 __tipc_nl_bearer_enable+0x2022/0x22a0 net/tipc/bearer.c:1033
 tipc_nl_bearer_enable+0x6c/0xb0 net/tipc/bearer.c:1042
 genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]

- Do sanity check the attribute length for TIPC_NLA_BEARER_NAME.
- Do not use 'illegal name' in printing message.

Reported-by: syzbot+e820fdc8ce362f2dea51@syzkaller.appspotmail.com
Fixes: cb30a63384 ("tipc: refactor function tipc_enable_bearer()")
Acked-by: Jon Maloy <jmaloy@redhat.com>
Signed-off-by: Hoang Le <hoang.h.le@dektech.com.au>
Link: https://lore.kernel.org/r/20220602063053.5892-1-hoang.h.le@dektech.com.au
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-06-14 18:36:13 +02:00
..
addr.c tipc: introduce new unified address type for internal use 2021-03-17 11:51:04 -07:00
addr.h tipc: introduce new unified address type for internal use 2021-03-17 11:51:04 -07:00
bcast.c net: tipc: fix FB_MTU eat two pages 2021-06-28 13:31:57 -07:00
bcast.h tipc: update a binding service via broadcast 2020-06-17 08:53:34 -07:00
bearer.c tipc: check attribute length for bearer name 2022-06-14 18:36:13 +02:00
bearer.h net: tipc: Fix spelling errors in net/tipc module 2021-04-07 14:29:29 -07:00
core.c tipc: simplify the finalize work queue 2021-05-18 13:22:09 -07:00
core.h tipc: simplify the finalize work queue 2021-05-18 13:22:09 -07:00
crypto.c tipc: fix a bit overflow in tipc_crypto_key_rcv() 2022-03-08 19:12:30 +01:00
crypto.h net/tipc: fix tipc header files for kernel-doc 2020-12-01 15:37:41 -08:00
diag.c
discover.c tipc: simplify the finalize work queue 2021-05-18 13:22:09 -07:00
discover.h
eth_media.c tipc: Use is_broadcast_ether_addr() instead of memcmp() 2020-08-03 16:21:46 -07:00
group.c tipc: update address terminology in code 2020-11-27 17:34:01 -08:00
group.h tipc: update address terminology in code 2020-11-27 17:34:01 -08:00
ib_media.c tipc: introduce variable window congestion control 2019-12-10 17:31:15 -08:00
Kconfig tipc: not enable tipc when ipv6 works as a module 2020-08-16 21:04:55 -07:00
link.c tipc: fix incorrect order of state message data sanity check 2022-03-16 14:23:38 +01:00
link.h tipc: simplify the finalize work queue 2021-05-18 13:22:09 -07:00
Makefile tipc: remove meaningless assignment in Makefile 2020-01-08 12:38:54 -08:00
monitor.c tipc: improve size validations for received domain records 2022-02-11 09:10:26 +01:00
monitor.h tipc: update mon's self addr when node addr generated 2019-11-12 19:45:45 -08:00
msg.c net: tipc: replace align() with ALIGN in msg.c 2021-06-28 13:31:57 -07:00
msg.h net: tipc: fix FB_MTU eat two pages 2021-06-28 13:31:57 -07:00
name_distr.c tipc: rate limit warning for received illegal binding update 2022-02-16 12:56:30 +01:00
name_distr.h net/tipc: fix tipc header files for kernel-doc 2020-12-01 15:37:41 -08:00
name_table.c tipc: Fix end of loop tests for list_for_each_entry() 2022-03-02 11:47:56 +01:00
name_table.h tipc: simplify handling of lookup scope during multicast message reception 2021-06-03 14:06:39 -07:00
net.c tipc: simplify the finalize work queue 2021-05-18 13:22:09 -07:00
net.h tipc: fix a deadlock when flushing scheduled work 2020-09-07 12:08:53 -07:00
netlink_compat.c tipc: convert dest node's address to network order 2021-03-11 18:06:54 -08:00
netlink.c tipc: add automatic rekeying for encryption key 2020-09-18 13:58:37 -07:00
netlink.h net: tipc: allocate attrs locally instead of using genl_family_attrbuf in compat_dumpit() 2019-10-06 15:44:47 +02:00
node.c tipc: fix wrong notification node addresses 2022-02-23 12:03:14 +01:00
node.h tipc: add automatic session key exchange 2020-09-18 13:58:37 -07:00
socket.c tipc: fix the timer expires after interval 100ms 2022-04-08 14:23:43 +02:00
socket.h tipc: add stricter control of reserved service types 2020-10-30 08:19:18 -07:00
subscr.c tipc:subscr.c: fix a spelling mistake 2021-06-10 13:48:43 -07:00
subscr.h tipc: fix htmldoc and smatch warnings 2021-03-29 16:28:50 -07:00
sysctl.c tipc: add automatic session key exchange 2020-09-18 13:58:37 -07:00
topsrv.c tipc: update address terminology in code 2020-11-27 17:34:01 -08:00
topsrv.h
trace.c net/tipc: fix various kernel-doc warnings 2020-12-01 15:37:46 -08:00
trace.h tipc: add support for broadcast rcv stats dumping 2020-05-26 15:16:52 -07:00
udp_media.c tipc: wait and exit until all work queues are done 2021-05-17 14:07:48 -07:00
udp_media.h