In both can_rcv(), and canfd_rcv(), when skb->len = 0, cfd->len
(which is uninitialized) is accessed by pr_warn_once().
Performing the validation check for cfd->len separately, after the
validation check for skb->len is done, resolves this issue in both
instances, without compromising the degree of detail provided in the
log messages.
Anant Thazhemadam (2):
can: af_can: prevent potential access of uninitialized member in
can_rcv()
can: af_can: prevent potential access of uninitialized member in
canfd_rcv()
net/can/af_can.c | 38 ++++++++++++++++++++++++++++----------
1 file changed, 28 insertions(+), 10 deletions(-)
--
2.25.1
