Re: [PATCH v2] net: 6pack: fix slab-out-of-bounds in decode_data

From: patchwork-bot+netdevbpf
Date: Mon Aug 16 2021 - 06:10:17 EST

Next message: patchwork-bot+netdevbpf: "Re: [PATCH net-next 1/1] net: phy: marvell: Add WAKE_PHY support to WOL event"
Previous message: kernel test robot: "Re: [PATCH 5/7] genirq/affinity: move group_cpus_evenly() into lib/"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello:

This patch was applied to netdev/net.git (refs/heads/master):

On Fri, 13 Aug 2021 18:14:33 +0300 you wrote:
> Syzbot reported slab-out-of bounds write in decode_data().
> The problem was in missing validation checks.
>
> Syzbot's reproducer generated malicious input, which caused
> decode_data() to be called a lot in sixpack_decode(). Since
> rx_count_cooked is only 400 bytes and noone reported before,
> that 400 bytes is not enough, let's just check if input is malicious
> and complain about buffer overrun.
>
> [...]

Here is the summary with links:
- [v2] net: 6pack: fix slab-out-of-bounds in decode_data
https://git.kernel.org/netdev/net/c/19d1532a1876

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html

Next message: patchwork-bot+netdevbpf: "Re: [PATCH net-next 1/1] net: phy: marvell: Add WAKE_PHY support to WOL event"
Previous message: kernel test robot: "Re: [PATCH 5/7] genirq/affinity: move group_cpus_evenly() into lib/"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]