OpenCloudOS-Kernel/drivers/net/ieee802154
Pavel Skripkin 754e438235 ieee802154: atusb: fix uninit value in atusb_set_extended_addr
Alexander reported a use of uninitialized value in
atusb_set_extended_addr(), that is caused by reading 0 bytes via
usb_control_msg().

Fix it by validating if the number of bytes transferred is actually
correct, since usb_control_msg() may read less bytes, than was requested
by caller.

Fail log:

BUG: KASAN: uninit-cmp in ieee802154_is_valid_extended_unicast_addr include/linux/ieee802154.h:310 [inline]
BUG: KASAN: uninit-cmp in atusb_set_extended_addr drivers/net/ieee802154/atusb.c:1000 [inline]
BUG: KASAN: uninit-cmp in atusb_probe.cold+0x29f/0x14db drivers/net/ieee802154/atusb.c:1056
Uninit value used in comparison: 311daa649a2003bd stack handle: 000000009a2003bd
 ieee802154_is_valid_extended_unicast_addr include/linux/ieee802154.h:310 [inline]
 atusb_set_extended_addr drivers/net/ieee802154/atusb.c:1000 [inline]
 atusb_probe.cold+0x29f/0x14db drivers/net/ieee802154/atusb.c:1056
 usb_probe_interface+0x314/0x7f0 drivers/usb/core/driver.c:396

Fixes: 7490b008d1 ("ieee802154: add support for atusb transceiver")
Reported-by: Alexander Potapenko <glider@google.com>
Acked-by: Alexander Aring <aahringo@redhat.com>
Signed-off-by: Pavel Skripkin <paskripkin@gmail.com>
Link: https://lore.kernel.org/r/20220104182806.7188-1-paskripkin@gmail.com
Signed-off-by: Stefan Schmidt <stefan@datenfreihafen.org>
2022-01-04 20:10:04 +01:00
..
Kconfig treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
Makefile ieee802154: hwsim: add replacement for fakelb 2018-08-06 11:21:15 +02:00
adf7242.c ieee802154/adf7242: check status of adf7242_read_reg 2020-08-03 20:19:21 +02:00
at86rf230.c ieee802154: no need to check return value of debugfs_create functions 2019-08-10 15:25:48 -07:00
at86rf230.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
atusb.c ieee802154: atusb: fix uninit value in atusb_set_extended_addr 2022-01-04 20:10:04 +01:00
atusb.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 372 2019-06-05 17:37:10 +02:00
ca8210.c ieee802154: Remove redundant 'flush_workqueue()' calls 2021-10-19 13:23:38 +01:00
cc2520.c Merge tag 'ieee802154-for-davem-2019-11-13' of git://git.kernel.org/pub/scm/linux/kernel/git/sschmidt/wpan-next 2019-11-13 12:12:34 -08:00
fakelb.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
mac802154_hwsim.c ieee802154: hwsim: fix GPF in hwsim_new_edge_nl 2021-07-08 09:37:03 +02:00
mac802154_hwsim.h ieee802154: hwsim: add replacement for fakelb 2018-08-06 11:21:15 +02:00
mcr20a.c ieee802154: mcr20a: simplify a bit 'mcr20a_handle_rx_read_buf_complete()' 2019-09-25 08:16:51 +02:00
mcr20a.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
mrf24j40.c net: ieee802154: mrf24j40: Drop unneeded of_match_ptr() 2021-06-03 10:32:04 +02:00