author | Anant Thazhemadam <[email protected]> | 2020-11-04 03:09:06 +0530 |
---|---|---|
committer | Marc Kleine-Budde <[email protected]> | 2020-11-15 18:24:33 +0100 |
commit | 9aa9379d8f868e91719333a7f063ccccc0579acc (patch) | |
tree | e472898355217bc53a9ad1846eb77131f090f4e0 /lib/mpi/mpi-cmp.c | |
parent | c8c958a58fc67f353289986850a0edf553435702 (diff) |

can: af_can: prevent potential access of uninitialized member in canfd_rcv()

In canfd_rcv(), cfd->len is uninitialized when skb->len = 0, and this
uninitialized cfd->len is accessed nonetheless by pr_warn_once().

Fix this uninitialized variable access by checking cfd->len's validity
condition (cfd->len > CANFD_MAX_DLEN) separately after the skb->len's
condition is checked, and appropriately modify the log messages that
are generated as well.

In case either of the required conditions fail, the skb is freed and
NET_RX_DROP is returned, same as before.

Fixes: d4689846881d ("can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once")
Reported-by: [email protected]
Tested-by: Anant Thazhemadam <[email protected]>
Signed-off-by: Anant Thazhemadam <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Marc Kleine-Budde <[email protected]>

Diffstat (limited to 'lib/mpi/mpi-cmp.c')
0 files changed, 0 insertions, 0 deletions
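
The check ordering the commit message describes, modelled in userspace C as an added example (not the kernel patch and not code from this page): the buffer length is validated before the frame's len field is read, and each failed condition gets its own message. The struct layout, function names and message strings are assumptions for illustration; only CANFD_MAX_DLEN and the two conditions come from the commit message.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CANFD_MAX_DLEN 64 /* maximum CAN FD payload length (linux/can.h) */

/* Hypothetical userspace stand-in for a CAN FD frame (assumed layout). */
struct model_canfd_frame {
    uint32_t can_id;
    uint8_t len; /* payload length claimed by the sender */
    uint8_t flags, res0, res1;
    uint8_t data[CANFD_MAX_DLEN];
};
enum rx_verdict { RX_OK, RX_DROP_BAD_BUF_LEN, RX_DROP_BAD_DLEN };

/* buf and buf_len stand in for skb->data and skb->len. */
enum rx_verdict model_canfd_rcv(const uint8_t *buf, size_t buf_len)
{
    struct model_canfd_frame cfd;
    /* 1. Buffer length first: an empty buffer is rejected before cfd.len is read. */
    if (buf == NULL || buf_len != sizeof(cfd))
        return RX_DROP_BAD_BUF_LEN;

    /* 2. The header is now known to be present; validate its len field. */
    memcpy(&cfd, buf, sizeof(cfd));
    if (cfd.len > CANFD_MAX_DLEN)
        return RX_DROP_BAD_DLEN;
    return RX_OK;
}

/* Separate message per failed condition (example wording, not the kernel's). */
const char *verdict_reason(enum rx_verdict v)
{
    switch (v) {
    case RX_DROP_BAD_BUF_LEN: return "dropped: unexpected buffer length";
    case RX_DROP_BAD_DLEN:    return "dropped: frame len exceeds CANFD_MAX_DLEN";
    default:                  return "accepted";
    }
}

int main(void)
{
    uint8_t frame[sizeof(struct model_canfd_frame)] = {0}; /* constructed sample */
    frame[offsetof(struct model_canfd_frame, len)] = 65;   /* one past the maximum */
    puts(verdict_reason(model_canfd_rcv(frame, 0)));             /* empty buffer */
    puts(verdict_reason(model_canfd_rcv(frame, sizeof(frame)))); /* oversized len */
    return 0;
}
```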