git.karo-electronics.de Git - karo-tx-linux.git/commit

ieee802154: check device type

I've observed a NULL pointer dereference in ieee802154_del_iface() during
netlink fuzzing. It's the ->wpan_phy dereference here:

phy = dev->ieee802154_ptr->wpan_phy;

My bet is that we're not checking that this is an IEEE802154 interface,
so let's do what ieee802154_nl_get_dev() is doing. (Maybe we should even
be calling this directly?)

Cc: Lennert Buytenhek <buytenh@wantstofly.org>
Cc: Alexander Aring <alex.aring@gmail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
Cc: Sergey Lapin <slapin@ossfans.org>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
Acked-by: Alexander Aring <aar@pengutronix.de>
Signed-off-by: Stefan Schmidt <stefan@osg.samsung.com>

author	vegard.nossum@oracle.com <vegard.nossum@oracle.com>
	Wed, 20 Jul 2016 08:43:11 +0000 (10:43 +0200)
committer	Stefan Schmidt <stefan@osg.samsung.com>
	Wed, 30 Nov 2016 11:33:07 +0000 (12:33 +0100)
commit	5b3211dcd43582c48291e7fc22b2e6d5c7faded5
tree	d52a2580b9b4cecdea672f017ef3014d5e88344f	tree \| snapshot
parent	1ae6d00ad05730bca283dc09e7a9c162c2f22b01	commit \| diff