superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/drivers/nfc
History
Thadeu Lima de Souza Cascardo f40ddcc0c0 Revert "nfc/nci: Add the inconsistency check between the input data length and count" 
This reverts commit 068648aab7.

NFC packets may have NUL-bytes. Checking for string length is not a correct
assumption here. As long as there is a check for the length copied from
copy_from_user, all should be fine.

The fix only prevented the syzbot reproducer from triggering the bug
because the packet is not enqueued anymore and the code that triggers the
bug is not exercised.

The fix even broke
testing/selftests/nci/nci_dev, making all tests there fail. After the
revert, 6 out of 8 tests pass.

Fixes: 068648aab7 ("nfc/nci: Add the inconsistency check between the input data length and count")
Cc: stable@vger.kernel.org
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@igalia.com>
Link: https://patch.msgid.link/20260113202458.449455-1-cascardo@igalia.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
 		2026-01-17 18:02:50 -08:00
..
fdp Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-06-22 18:40:38 -07:00
microread nfc: Drop explicit initialization of struct i2c_device_id::driver_data to 0 2024-06-20 19:28:31 -07:00
nfcmrvl treewide, timers: Rename from_timer() to timer_container_of() 2025-06-08 09:07:37 +02:00
nxp-nci move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
pn533 nfc: pn533: Fix error code in pn533_acr122_poweron_rdr() 2025-12-11 01:40:00 -08:00
pn544 move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
s3fwrn5 nfc: s3fwrn5: Use SHA-1 library instead of crypto_shash 2025-08-18 17:29:08 -07:00
st-nci treewide, timers: Rename from_timer() to timer_container_of() 2025-06-08 09:07:37 +02:00
st21nfca treewide, timers: Rename from_timer() to timer_container_of() 2025-06-08 09:07:37 +02:00
st95hf nfc: st95hf: drop driver owner assignment 2024-03-29 12:32:51 -07:00
Kconfig
Makefile
mei_phy.c nfc: mei_phy: constify buffer passed to mei_nfc_send() 2021-07-29 12:28:02 +01:00
mei_phy.h NFC: mei_phy: fix kernel-doc warnings 2025-11-17 19:32:32 -08:00
nfcsim.c nfcsim.c: Fix error checking for debugfs_create_dir 2023-05-26 12:18:35 +01:00
port100.c NFC: port100: fix use-after-free in port100_send_complete 2022-03-09 19:59:34 -08:00
trf7970a.c NFC: trf7970a: Create device-tree parameter for RX gain reduction 2025-06-27 15:08:57 -07:00
virtual_ncidev.c Revert "nfc/nci: Add the inconsistency check between the input data length and count" 2026-01-17 18:02:50 -08:00