]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
can: isotp: sanitize CAN ID checks in isotp_bind()
authorOliver Hartkopp <socketcan@hartkopp.net>
Wed, 16 Mar 2022 16:42:56 +0000 (17:42 +0100)
committerMarc Kleine-Budde <mkl@pengutronix.de>
Wed, 16 Mar 2022 20:41:39 +0000 (21:41 +0100)
commit3ea566422cbde9610c2734980d1286ab681bb40e
tree47d0a5d794657e7ac2c30b6e7ca7449b667e0db9
parent231fdac3e58f4e52e387930c73bf535439607563
can: isotp: sanitize CAN ID checks in isotp_bind()

Syzbot created an environment that lead to a state machine status that
can not be reached with a compliant CAN ID address configuration.
The provided address information consisted of CAN ID 0x6000001 and 0xC28001
which both boil down to 11 bit CAN IDs 0x001 in sending and receiving.

Sanitize the SFF/EFF CAN ID values before performing the address checks.

Fixes: e057dd3fc20f ("can: add ISO 15765-2:2016 transport protocol")
Link: https://lore.kernel.org/all/20220316164258.54155-1-socketcan@hartkopp.net
Reported-by: syzbot+2339c27f5c66c652843e@syzkaller.appspotmail.com
Signed-off-by: Oliver Hartkopp <socketcan@hartkopp.net>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
net/can/isotp.c