Re: [PATCH net v5] nfc: nci: Fix uninit-value in nci_rx_work

From: Krzysztof Kozlowski
Date: Mon May 20 2024 - 05:57:30 EST

Next message: AngeloGioacchino Del Regno: "Re: [PATCH 3/4] arm64: dts: mediatek: mt8365: drop incorrect power-domain-cells"
Previous message: Christophe JAILLET: "[PATCH] media: intel/ipu6: Fix some redundant resources freeing in ipu6_pci_remove()"
In reply to: Ryosuke Yasuoka: "[PATCH net v5] nfc: nci: Fix uninit-value in nci_rx_work"
Next in thread: patchwork-bot+netdevbpf: "Re: [PATCH net v5] nfc: nci: Fix uninit-value in nci_rx_work"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 19/05/2024 11:43, Ryosuke Yasuoka wrote:
> syzbot reported the following uninit-value access issue [1]
>
> nci_rx_work() parses received packet from ndev->rx_q. It should be
> validated header size, payload size and total packet size before
> processing the packet. If an invalid packet is detected, it should be
> silently discarded.
>
> Fixes: d24b03535e5e ("nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet")
> Reported-and-tested-by: syzbot+d7b4dc6cd50410152534@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://syzkaller.appspot.com/bug?extid=d7b4dc6cd50410152534 [1]
> Signed-off-by: Ryosuke Yasuoka <ryasuoka@xxxxxxxxxx>
> ---
> v5

Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@xxxxxxxxxx>

Best regards,
Krzysztof

Next message: AngeloGioacchino Del Regno: "Re: [PATCH 3/4] arm64: dts: mediatek: mt8365: drop incorrect power-domain-cells"
Previous message: Christophe JAILLET: "[PATCH] media: intel/ipu6: Fix some redundant resources freeing in ipu6_pci_remove()"
In reply to: Ryosuke Yasuoka: "[PATCH net v5] nfc: nci: Fix uninit-value in nci_rx_work"
Next in thread: patchwork-bot+netdevbpf: "Re: [PATCH net v5] nfc: nci: Fix uninit-value in nci_rx_work"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]