UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenCloudOS-Kernel/net/nfc/nci
History
Kees Cook e329e71013 NFC: nci: Bounds check struct nfc_target arrays 
While running under CONFIG_FORTIFY_SOURCE=y, syzkaller reported:

  memcpy: detected field-spanning write (size 129) of single field "target->sensf_res" at net/nfc/nci/ntf.c:260 (size 18)

This appears to be a legitimate lack of bounds checking in
nci_add_new_protocol(). Add the missing checks.

Reported-by: syzbot+210e196cef4711b65139@syzkaller.appspotmail.com
Link: https://lore.kernel.org/lkml/0000000000001c590f05ee7b3ff4@google.com
Fixes: 019c4fbaa7 ("NFC: Add NCI multiple targets support")
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org>
Link: https://lore.kernel.org/r/20221202214410.never.693-kees@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
 		2022-12-05 17:46:25 -08:00
..
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
core.c nfc/nci: fix race with opening and closing 2022-11-18 12:37:11 +00:00
data.c NFC: nci: fix memory leak in nci_rx_data_packet() 2022-11-22 12:42:23 +01:00
hci.c NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc 2022-05-17 17:55:53 -07:00
lib.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
ntf.c NFC: nci: Bounds check struct nfc_target arrays 2022-12-05 17:46:25 -08:00
rsp.c nfc: nci: fix the UAF of rf_conn_info object 2021-10-08 17:24:32 +01:00
spi.c nfc: nci: constify several pointers to u8, sk_buff and other structs 2021-07-30 17:22:52 +02:00
uart.c tty: remove file from tty_ldisc_ops::ioctl and compat_ioctl 2021-11-25 18:36:27 +01:00