Commit 18917d51 authored by Andrey Konovalov's avatar Andrey Konovalov Committed by David S. Miller
Browse files

NFC: fix attrs checks in netlink interface 



nfc_genl_deactivate_target() relies on the NFC_ATTR_TARGET_INDEX
attribute being present, but doesn't check whether it is actually
provided by the user. Same goes for nfc_genl_fw_download() and
NFC_ATTR_FIRMWARE_NAME.

This patch adds appropriate checks.

Found with syzkaller.

Signed-off-by: default avatarAndrey Konovalov <andreyknvl@google.com>
Signed-off-by: default avatarAndy Shevchenko <andriy.shevchenko@linux.intel.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent d24b6c62

net/nfc/netlink.c

+4 −2
Original line number Diff line number Diff line
@@ -970,7 +970,8 @@ static int nfc_genl_dep_link_down(struct sk_buff *skb, struct genl_info *info) 
	int rc;

	u32 idx;



	if (!info->attrs[NFC_ATTR_DEVICE_INDEX])

	if (!info->attrs[NFC_ATTR_DEVICE_INDEX] ||

	    !info->attrs[NFC_ATTR_TARGET_INDEX])

		return -EINVAL;



	idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]);
@@ -1018,7 +1019,8 @@ static int nfc_genl_llc_get_params(struct sk_buff *skb, struct genl_info *info) 
	struct sk_buff *msg = NULL;

	u32 idx;



	if (!info->attrs[NFC_ATTR_DEVICE_INDEX])

	if (!info->attrs[NFC_ATTR_DEVICE_INDEX] ||

	    !info->attrs[NFC_ATTR_FIRMWARE_NAME])

		return -EINVAL;



	idx = nla_get_u32(info->attrs[NFC_ATTR_DEVICE_INDEX]);

CRA Git | Maintained and supported by SUSTech CRA and CCSE