Re: [PATCH] net/ieee802154: fix uninit value bug in dgram_sendmsg

[Stefan Schmidt]

Hello.

On 22.08.22 09:19, Haimin Zhang wrote:
> There is uninit value bug in dgram_sendmsg function in
> net/ieee802154/socket.c when the length of valid data pointed by the
> msg->msg_name isn't verified.
>
> This length is specified by msg->msg_namelen. Function
> ieee802154_addr_from_sa is called by dgram_sendmsg, which use
> msg->msg_name as struct sockaddr_ieee802154* and read it, that will
> eventually lead to uninit value read. So we should check the length of
> msg->msg_name is not less than sizeof(struct sockaddr_ieee802154)
> before entering the ieee802154_addr_from_sa.
>
> Signed-off-by: Haimin Zhang <tcs_kernel@xxxxxxxxxxx>


This patch has been applied to the wpan tree and will be
part of the next pull request to net. Thanks!

Btw, I got a warning from the checkpatch script that your author and SOB 
email addresses do not match. Might be a good idea to fix this.
If you are having trouble to send patches through the company mail 
server there is always the option to use the gmail address for sending 
the mail and an internal From: header in the patch to fix up the author.

regards
Stefan Schmidt