Re: [PATCH] can: j1939: prevent allocation of j1939 filter for optlen = 0
From: Oleksij Rempel <o.rempel@pengutronix.de>
Date: 2021-06-21 04:48:04
Also in:
netdev
Hi Norbert, On Sun, Jun 20, 2021 at 02:38:42PM +0200, Norbert Slusarek wrote:
If optval != NULL and optlen = 0 are specified for SO_J1939_FILTER in
j1939_sk_setsockopt(), memdup_sockptr() will return ZERO_PTR for 0 size
allocation. The new filter will be mistakenly assigned ZERO_PTR.
This patch checks for optlen != 0 and filter will be assigned NULL
in case of optlen = 0.
Fixes: a7b75c5a8c41 ("net: pass a sockptr_t into ->setsockopt")
Signed-off-by: Norbert Slusarek <redacted>Acked-by: Oleksij Rempel <o.rempel@pengutronix.de> Thank you!
quoted hunk ↗ jump to hunk
--- net/can/j1939/socket.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)diff --git a/net/can/j1939/socket.c b/net/can/j1939/socket.c index 56aa66147d5a..ff20cb629200 100644 --- a/net/can/j1939/socket.c +++ b/net/can/j1939/socket.c@@ -673,7 +673,7 @@ static int j1939_sk_setsockopt(struct socket *sock, int level, int optname, switch (optname) { case SO_J1939_FILTER: - if (!sockptr_is_null(optval)) { + if (!sockptr_is_null(optval) && optlen != 0) { struct j1939_filter *f; int c; --2.30.2
-- Pengutronix e.K. | | Steuerwalder Str. 21 | http://www.pengutronix.de/ | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |