commit 2aa39889c463195a0dfe2aff9fad413139c32a4f upstream
Commit 3ea566422cbd ("can: isotp: sanitize CAN ID checks in
isotp_bind()") checks the given CAN ID address information by
sanitizing the input values.
This check (silently) removes obsolete bits by masking the given CAN
IDs.
Derek Will suggested to give a feedback to the application programmer
when the 'sanitizing' was actually needed which means the programmer
provided CAN ID content in a wrong format (e.g. SFF CAN IDs with a CAN
ID > 0x7FF).
Link: https://lore.kernel.org/all/20220515181633.76671-1-socketcan@xxxxxxxxxxxx
Suggested-by: Derek Will <derekrobertwill@xxxxxxxxx>
Signed-off-by: Oliver Hartkopp <socketcan@xxxxxxxxxxxx>
Signed-off-by: Marc Kleine-Budde <mkl@xxxxxxxxxxxxxx>
---
net/can/isotp.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/net/can/isotp.c b/net/can/isotp.c
index fb179a333784..902cb61b6495 100644
--- a/net/can/isotp.c
+++ b/net/can/isotp.c
@@ -1140,10 +1140,15 @@ static int isotp_bind(struct socket *sock, struct sockaddr *uaddr, int len)
if (rx_id & CAN_EFF_FLAG)
rx_id &= (CAN_EFF_FLAG | CAN_EFF_MASK);
else
rx_id &= CAN_SFF_MASK;
+ /* give feedback on wrong CAN-ID values */
+ if (tx_id != addr->can_addr.tp.tx_id ||
+ rx_id != addr->can_addr.tp.rx_id)
+ return -EINVAL;
+
if (!addr->can_ifindex)
return -ENODEV;
lock_sock(sk);
--
2.34.1
