Linux-WPAN Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH AUTOSEL 5.11 01/51] net: ieee802154: fix nl802154 del llsec key
@ 2021-04-12 16:22 Sasha Levin
  2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 02/51] net: ieee802154: fix nl802154 del llsec dev Sasha Levin
                   ` (19 more replies)
  0 siblings, 20 replies; 21+ messages in thread
From: Sasha Levin @ 2021-04-12 16:22 UTC (permalink / raw)
  To: linux-kernel, stable
  Cc: Alexander Aring, syzbot+ac5c11d2959a8b3c4806, Stefan Schmidt,
	Sasha Levin, linux-wpan, netdev

From: Alexander Aring <aahringo@redhat.com>

[ Upstream commit 37feaaf5ceb2245e474369312bb7b922ce7bce69 ]

This patch fixes a nullpointer dereference if NL802154_ATTR_SEC_KEY is
not set by the user. If this is the case nl802154 will return -EINVAL.

Reported-by: syzbot+ac5c11d2959a8b3c4806@syzkaller.appspotmail.com
Signed-off-by: Alexander Aring <aahringo@redhat.com>
Link: https://lore.kernel.org/r/20210221174321.14210-1-aahringo@redhat.com
Signed-off-by: Stefan Schmidt <stefan@datenfreihafen.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 net/ieee802154/nl802154.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/net/ieee802154/nl802154.c b/net/ieee802154/nl802154.c
index 7c5a1aa5adb4..2f0a138bd5eb 100644
--- a/net/ieee802154/nl802154.c
+++ b/net/ieee802154/nl802154.c
@@ -1592,7 +1592,8 @@ static int nl802154_del_llsec_key(struct sk_buff *skb, struct genl_info *info)
 	struct nlattr *attrs[NL802154_KEY_ATTR_MAX + 1];
 	struct ieee802154_llsec_key_id id;
 
-	if (nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))
+	if (!info->attrs[NL802154_ATTR_SEC_KEY] ||
+	    nla_parse_nested_deprecated(attrs, NL802154_KEY_ATTR_MAX, info->attrs[NL802154_ATTR_SEC_KEY], nl802154_key_policy, info->extack))
 		return -EINVAL;
 
 	if (ieee802154_llsec_parse_key_id(attrs[NL802154_KEY_ATTR_ID], &id) < 0)
-- 
2.30.2


^ permalink raw reply	[flat|nested] 21+ messages in thread

end of thread, back to index

Thread overview: 21+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-12 16:22 [PATCH AUTOSEL 5.11 01/51] net: ieee802154: fix nl802154 del llsec key Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 02/51] net: ieee802154: fix nl802154 del llsec dev Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 03/51] net: ieee802154: fix nl802154 add llsec key Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 04/51] net: ieee802154: fix nl802154 del llsec devkey Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 05/51] net: ieee802154: nl-mac: fix check on panid Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 22/51] drivers: net: fix memory leak in atusb_probe Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 28/51] net: ieee802154: forbid monitor for set llsec params Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 29/51] net: ieee802154: stop dump llsec keys for monitors Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 30/51] net: ieee802154: forbid monitor for add llsec key Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 31/51] net: ieee802154: forbid monitor for del " Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 32/51] net: ieee802154: stop dump llsec devs for monitors Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 33/51] net: ieee802154: forbid monitor for add llsec dev Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 34/51] net: ieee802154: forbid monitor for del " Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 35/51] net: ieee802154: stop dump llsec devkeys for monitors Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 36/51] net: ieee802154: forbid monitor for add llsec devkey Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 37/51] net: ieee802154: forbid monitor for del " Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 38/51] net: ieee802154: stop dump llsec seclevels for monitors Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 39/51] net: ieee802154: forbid monitor for add llsec seclevel Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 40/51] net: ieee802154: forbid monitor for del " Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 41/51] net: ieee802154: stop dump llsec params for monitors Sasha Levin
2021-04-12 16:22 ` [PATCH AUTOSEL 5.11 42/51] net: mac802154: Fix general protection fault Sasha Levin

Linux-WPAN Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-wpan/0 linux-wpan/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-wpan linux-wpan/ https://lore.kernel.org/linux-wpan \
		linux-wpan@vger.kernel.org
	public-inbox-index linux-wpan

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-wpan


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git