stuartl/linux-stable
1
0
Fork 0
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux-stable.git synced 2025-10-25 15:17:01 +10:00
Code Issues Releases Wiki Activity
9d1a3c7474
linux-stable/net
History
Arnd Bergmann 9d1a3c7474 Bluetooth: avoid memcmp() out of bounds warning 
bacmp() is a wrapper around memcpy(), which contain compile-time
checks for buffer overflow. Since the hci_conn_request_evt() also calls
bt_dev_dbg() with an implicit NULL pointer check, the compiler is now
aware of a case where 'hdev' is NULL and treats this as meaning that
zero bytes are available:

In file included from net/bluetooth/hci_event.c:32:
In function 'bacmp',
    inlined from 'hci_conn_request_evt' at net/bluetooth/hci_event.c:3276:7:
include/net/bluetooth/bluetooth.h:364:16: error: 'memcmp' specified bound 6 exceeds source size 0 [-Werror=stringop-overread]
  364 |         return memcmp(ba1, ba2, sizeof(bdaddr_t));
      |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Add another NULL pointer check before the bacmp() to ensure the compiler
understands the code flow enough to not warn about it.  Since the patch
that introduced the warning is marked for stable backports, this one
should also go that way to avoid introducing build regressions.

Fixes: 1ffc6f8cc3 ("Bluetooth: Reject connection with the device which has same BD_ADDR")
Cc: Kees Cook <keescook@chromium.org>
Cc: "Lee, Chun-Yi" <jlee@suse.com>
Cc: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: stable@vger.kernel.org
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
2023-10-13 20:04:45 -07:00
..
6lowpan
9p
802
8021q
appletalk
atm
ax25 ax25: Kconfig: Update link for linux-ax25.org 2023-09-18 12:56:58 +01:00
batman-adv
bluetooth Bluetooth: avoid memcmp() out of bounds warning 2023-10-13 20:04:45 -07:00
bpf
bpfilter
bridge neighbour: fix data-races around n->output 2023-10-01 17:14:37 +01:00
caif
can can: isotp: isotp_sendmsg(): fix TX state detection and wait behavior 2023-10-06 12:54:33 +02:00
ceph
core net: refine debug info in skb_checksum_help() 2023-10-09 19:46:41 -07:00
dcb
dccp dccp: fix dccp_v4_err()/dccp_v6_err() again 2023-09-18 07:10:31 +01:00
devlink devlink: Hold devlink lock on health reporter dump get 2023-10-06 15:56:46 -07:00
dns_resolver
dsa
ethernet
ethtool ethtool: Fix mod state of verbose no_mask bitset 2023-10-10 19:48:15 -07:00
handshake net/handshake: Fix memory leak in __sock_create() and sock_alloc_file() 2023-09-20 11:54:49 +01:00
hsr net: hsr: Add __packed to struct hsr_sup_tlv. 2023-09-18 08:26:19 +01:00
ieee802154
ife
ipv4 tcp: fix delayed ACKs for MSS boundary condition 2023-10-04 15:34:18 -07:00
ipv6 ipv6: tcp: add a missing nf_reset_ct() in 3WHS handling 2023-10-03 09:49:24 +02:00
iucv
kcm kcm: Fix error handling for SOCK_DGRAM in kcm_sendmsg(). 2023-09-14 10:43:51 +02:00
key
l2tp ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() 2023-10-01 18:19:27 +01:00
l3mdev
lapb
llc
mac80211 wifi: mac80211: Create resources for disabled links 2023-09-26 09:12:47 +02:00
mac802154
mctp mctp: perform route lookups under a RCU read-side lock 2023-10-10 19:43:22 -07:00
mpls
mptcp mptcp: userspace pm allow creating id 0 subflow 2023-10-05 09:34:32 -07:00
ncsi ncsi: Propagate carrier gain/loss events to the NCSI controller 2023-09-18 07:06:05 +01:00
netfilter netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure 2023-10-04 15:57:28 +02:00
netlabel
netlink netlink: annotate data-races around sk->sk_err 2023-10-04 17:32:54 -07:00
netrom
nfc net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() 2023-10-10 19:44:44 -07:00
nsh
openvswitch
packet
phonet
psample
qrtr
rds net: prevent address rewrite in kernel_bind() 2023-10-01 19:31:29 +01:00
rfkill rfkill: sync before userspace visibility/changes 2023-09-18 09:36:57 +02:00
rose
rxrpc
sched net: sched: cls_u32: Fix allocation size in u32_init() 2023-10-06 11:43:05 +01:00
sctp sctp: update hb timer immediately after users change hb_interval 2023-10-04 17:29:58 -07:00
smc net/smc: Fix pos miscalculation in statistics 2023-10-11 10:36:35 +01:00
strparser
sunrpc SUNRPC/TLS: Lock the lower_xprt during the tls handshake 2023-09-27 15:16:40 -04:00
switchdev
tipc tipc: fix a potential deadlock on &tx->lock 2023-10-04 13:24:12 -07:00
tls net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() 2023-09-12 09:51:49 +02:00
unix Including fixes from netfilter and bpf. 2023-09-07 18:33:07 -07:00
vmw_vsock
wireless wifi: cfg80211: avoid leaking stack data into trace 2023-09-26 09:12:27 +02:00
x25
xdp xdp: Fix zero-size allocation warning in xskq_create() 2023-10-09 16:13:29 +02:00
xfrm
compat.c
devres.c
Kconfig
Kconfig.debug
Makefile
socket.c net: prevent address rewrite in kernel_bind() 2023-10-01 19:31:29 +01:00
sysctl_net.c