linux_dsm_epyc7002/net/ieee802154
vegard.nossum@oracle.com 5b3211dcd4 ieee802154: check device type
I've observed a NULL pointer dereference in ieee802154_del_iface() during
netlink fuzzing. It's the ->wpan_phy dereference here:

        phy = dev->ieee802154_ptr->wpan_phy;

My bet is that we're not checking that this is an IEEE802154 interface,
so let's do what ieee802154_nl_get_dev() is doing. (Maybe we should even
be calling this directly?)

Cc: Lennert Buytenhek <buytenh@wantstofly.org>
Cc: Alexander Aring <alex.aring@gmail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Cc: Sergey Lapin <slapin@ossfans.org>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Acked-by: Alexander Aring <aar@pengutronix.de>
Signed-off-by: Stefan Schmidt <stefan@osg.samsung.com>
2016-11-30 12:33:07 +01:00
..
6lowpan ieee802154: 6lowpan: fix intra pan id check 2016-07-08 13:23:12 +02:00
core.c ieee802154: add netns support 2016-07-08 12:20:57 +02:00
core.h ieee802154: add netns support 2016-07-08 12:20:57 +02:00
header_ops.c ieee802154: change needed headroom/tailroom 2015-09-22 11:51:20 +02:00
ieee802154.h ieee802154: add nl802154 framework 2014-11-09 19:50:29 +01:00
Kconfig nl802154: add support for security layer 2015-09-30 13:16:44 +02:00
Makefile ieee802154: Add trace events for rdev->ops 2015-04-30 18:48:09 +02:00
netlink.c genetlink: mark families as __ro_after_init 2016-10-27 16:16:09 -04:00
nl802154.c genetlink: mark families as __ro_after_init 2016-10-27 16:16:09 -04:00
nl802154.h ieee802154: add nl802154 framework 2014-11-09 19:50:29 +01:00
nl_policy.c ieee802154: mac802154: remove FSF address 2014-10-25 08:07:30 +02:00
nl-mac.c ieee802154: use nla_put_u64_64bit() 2016-04-25 15:09:11 -04:00
nl-phy.c ieee802154: check device type 2016-11-30 12:33:07 +01:00
rdev-ops.h nl802154: add support for security layer 2015-09-30 13:16:44 +02:00
socket.c sock: struct proto hash function may error 2016-02-11 03:54:14 -05:00
sysfs.c cfg802154: add PM hooks 2015-07-23 17:10:49 +02:00
sysfs.h ieee802154: introduce sysfs file 2014-10-28 23:19:09 +01:00
trace.c ieee802154: Add trace events for rdev->ops 2015-04-30 18:48:09 +02:00
trace.h ieee802154: add ack request default handling 2015-08-10 20:43:06 +02:00