Re: [syzbot] [PATCH] Test for aea6bf908d73

From: syzbot
Date: Thu Nov 09 2023 - 08:28:45 EST

Next message: Konrad Dybcio: "Re: [PATCH] soc: qcom: pmic_glink_altmode: fix port sanity check"
Previous message: kernel test robot: "Re: [PATCH] MM: shmem: Remove code sytle warnings"
In reply to: syzbot: "Re: [syzbot] [net?] [nfc?] KASAN: slab-use-after-free Read in nfc_alloc_send_skb"
Next in thread: syzbot: "Re: [syzbot] [PATCH] Test for aea6bf908d73"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

For archival purposes, forwarding an incoming command email to
linux-kernel@xxxxxxxxxxxxxxx.

***

Subject: [PATCH] Test for aea6bf908d73
Author: eadavis@xxxxxx

please test uaf in nfc_alloc_send_skb

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git aea6bf908d73

diff --git a/net/nfc/llcp_core.c b/net/nfc/llcp_core.c
index 1dac28136e6a..016364890357 100644
--- a/net/nfc/llcp_core.c
+++ b/net/nfc/llcp_core.c
@@ -1640,11 +1640,14 @@ int nfc_llcp_register_device(struct nfc_dev *ndev)
void nfc_llcp_unregister_device(struct nfc_dev *dev)
{
struct nfc_llcp_local *local = nfc_llcp_remove_local(dev);
+ struct nfc_llcp_sock *nls;

if (local == NULL) {
pr_debug("No such device\n");
return;
}
+ nls = container_of(local, struct nfc_llcp_sock, local);
+ nls->local = NULL;

local_cleanup(local);

Next message: Konrad Dybcio: "Re: [PATCH] soc: qcom: pmic_glink_altmode: fix port sanity check"
Previous message: kernel test robot: "Re: [PATCH] MM: shmem: Remove code sytle warnings"
In reply to: syzbot: "Re: [syzbot] [net?] [nfc?] KASAN: slab-use-after-free Read in nfc_alloc_send_skb"
Next in thread: syzbot: "Re: [syzbot] [PATCH] Test for aea6bf908d73"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]