Commit b831f342 authored by Haimin Zhang's avatar Haimin Zhang Committed by Jialin Zhang
Browse files

net/ieee802154: fix uninit value bug in dgram_sendmsg 

stable inclusion
from stable-v5.10.148
commit c1337f8ea8619404b08a5dec837df5643a3fd5c8
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I6D0WL

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=c1337f8ea8619404b08a5dec837df5643a3fd5c8



--------------------------------

[ Upstream commit 94160108 ]

There is uninit value bug in dgram_sendmsg function in
net/ieee802154/socket.c when the length of valid data pointed by the
msg->msg_name isn't verified.

We introducing a helper function ieee802154_sockaddr_check_size to
check namelen. First we check there is addr_type in ieee802154_addr_sa.
Then, we check namelen according to addr_type.

Also fixed in raw_bind, dgram_bind, dgram_connect.

Signed-off-by: default avatarHaimin Zhang <tcs_kernel@tencent.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarJialin Zhang <zhangjialin11@huawei.com>
Reviewed-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 7e2fc544
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment