tomoyo: Check address length before reading address family

KMSAN will complain if valid address length passed to bind()/connect()/ sendmsg() is shorter than sizeof("struct sockaddr"->sa_family) bytes. Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jamorris@linux.microsoft.com>
author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> 2019-04-12 06:59:36 -0400
committer: James Morris <jamorris@linux.microsoft.com> 2019-05-10 17:58:25 -0400
commit: e6193f78bb689f3f424559bb45f4a091c8b314df (patch)
tree: 8c51acf92c910b500cd4622df6e11b949de7118b
parent: e80b18599a39a625bc8b2e39ba3004a62f78805a (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/security/tomoyo/network.c b/security/tomoyo/network.c
index 9094f4b3b367..f9ff121d7e1e 100644
--- a/security/tomoyo/network.c
+++ b/security/tomoyo/network.c
@@ -505,6 +505,8 @@ static int tomoyo_check_inet_address(const struct sockaddr *addr,
 {
        struct tomoyo_inet_addr_info *i = &address->inet;
+        if (addr_len < offsetofend(struct sockaddr, sa_family))
+                return 0;
        switch (addr->sa_family) {
        case AF_INET6:
                if (addr_len < SIN6_LEN_RFC2133)
@@ -594,6 +596,8 @@ static int tomoyo_check_unix_address(struct sockaddr *addr,
 {
        struct tomoyo_unix_addr_info *u = &address->unix0;
+        if (addr_len < offsetofend(struct sockaddr, sa_family))
+                return 0;
        if (addr->sa_family != AF_UNIX)
                return 0;
        u->addr = ((struct sockaddr_un *) addr)->sun_path;
author	Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>	2019-04-12 06:59:36 -0400
committer	James Morris <jamorris@linux.microsoft.com>	2019-05-10 17:58:25 -0400
commit	e6193f78bb689f3f424559bb45f4a091c8b314df (patch)
tree	8c51acf92c910b500cd4622df6e11b949de7118b
parent	e80b18599a39a625bc8b2e39ba3004a62f78805a (diff)