On 11/3/20 10:39 PM, Anant Thazhemadam wrote: > In both can_rcv(), and canfd_rcv(), when skb->len = 0, cfd->len > (which is uninitialized) is accessed by pr_warn_once(). > > Performing the validation check for cfd->len separately, after the > validation check for skb->len is done, resolves this issue in both > instances, without compromising the degree of detail provided in the > log messages. > > Anant Thazhemadam (2): > can: af_can: prevent potential access of uninitialized member in > can_rcv() > can: af_can: prevent potential access of uninitialized member in > canfd_rcv() > > net/can/af_can.c | 38 ++++++++++++++++++++++++++++---------- > 1 file changed, 28 insertions(+), 10 deletions(-) > Applied both to linux-can/testing Tnx, Marc -- Pengutronix e.K. | Marc Kleine-Budde | Embedded Linux | https://www.pengutronix.de | Vertretung West/Dortmund | Phone: +49-231-2826-924 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
Attachment:
signature.asc
Description: OpenPGP digital signature
