review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Haimin Zhang <tcs.kernel@gmail.com>
	Thu, 8 Sep 2022 12:19:27 +0000 (20:19 +0800)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 12 Oct 2022 07:53:27 +0000 (09:53 +0200)
commit	d2588ba1a3389d7292d56a8c9516711df6576254
tree	c4fb70d4963b1ba2870bd460fe1bcddc97c14c35	tree \| snapshot
parent	1030659dac4ea370090ace75b3266c3c828269aa	commit \| diff

net/ieee802154: fix uninit value bug in dgram_sendmsg

[ Upstream commit 94160108a70c8af17fa1484a37e05181c0e094af ]

There is uninit value bug in dgram_sendmsg function in
net/ieee802154/socket.c when the length of valid data pointed by the
msg->msg_name isn't verified.

We introducing a helper function ieee802154_sockaddr_check_size to
check namelen. First we check there is addr_type in ieee802154_addr_sa.
Then, we check namelen according to addr_type.

Also fixed in raw_bind, dgram_bind, dgram_connect.

Signed-off-by: Haimin Zhang <tcs_kernel@tencent.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>

include/net/ieee802154_netdev.h		diff \| blob \| history
net/ieee802154/socket.c		diff \| blob \| history