Received: by 2002:a25:c205:0:0:0:0:0 with SMTP id s5csp2046203ybf; Mon, 2 Mar 2020 00:39:56 -0800 (PST) X-Google-Smtp-Source: APXvYqxO2kzPwW14AxBFL6VgzpXL5H6QxvsAguP0yuyRRhw8bTE+2YbAQAMfOz/XGsl0s60rIV3k X-Received: by 2002:aca:5007:: with SMTP id e7mr9227428oib.99.1583138396170; Mon, 02 Mar 2020 00:39:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1583138396; cv=none; d=google.com; s=arc-20160816; b=YeuWPzE3R4RboF2aaW5djeZPBs5QnbOTKv55bJL5d9CdKIMQ5HvscIjfzgeQ+nVBm3 hNTpiawon6rWu0wnkF5fB1tbqe4SRLZsaVb2kDTI+K//hEMwfac7WPWSQv6U4nDQntW1 gAcklRf5WlcTFOi7JFEXsJYV4WdHl6Aq4KQdhyujRN/mQQL+x6A/De6QBLwN9uds3YUo 4IHDvwknxrgGEAIAOfqdF8PsSMbi8sfNvLWB+PllT+6IBzNY/2sovDwcIHZ12iNnKLAc Edk4S0XFzNoGxRQhokUi+4+Di/lnmjV/N4P+ssX+TJWwvbP276i9YfQIZtPQP06OiuCu n/xQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:to:subject:dkim-signature; bh=dyg4AOlIJyThsXs5J5Vubyx8MvOEPr/tJdn+Z7Tzl30=; b=E2/v+LTFBquHyWj+aHkFuVGVIAJSaOVtO69MQUpL94San0b+Ik6/wzf/T+JC87oAv2 JSOsAphISeFTO9GlOOHUOcIlfjkzoNe0enbZJVMb3Puyl+52i68Bvkr7e7A0KpnN42bb mLWDvGNCdnCxR0S6kdDTJpgGnVTzF4x+wvg0KmDXA5DZIqPZG8cSeUM9Mp/4N/XTL11Y H2yefRfKSIdGhvNUbOc6wD7PdRBqppTKqwjd1SnFM7c50VgoFiqrjLqFoFc/PXr8Zc9C Ps5dXXW5md3bi+r7UauJf6Yt6hQ92A9/SSTBEy5rxWdoeal3TnJmfnp9qt3rG6PSdMtZ 9zSg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@hartkopp.net header.s=strato-dkim-0002 header.b=dMnWkR7W; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d14si5286078oic.201.2020.03.02.00.39.43; Mon, 02 Mar 2020 00:39:56 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@hartkopp.net header.s=strato-dkim-0002 header.b=dMnWkR7W; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727178AbgCBIiH (ORCPT + 99 others); Mon, 2 Mar 2020 03:38:07 -0500 Received: from mo4-p01-ob.smtp.rzone.de ([85.215.255.52]:12998 "EHLO mo4-p01-ob.smtp.rzone.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727030AbgCBIiH (ORCPT ); Mon, 2 Mar 2020 03:38:07 -0500 X-Greylist: delayed 351 seconds by postgrey-1.27 at vger.kernel.org; Mon, 02 Mar 2020 03:38:06 EST DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1583138286; s=strato-dkim-0002; d=hartkopp.net; h=In-Reply-To:Date:Message-ID:From:References:To:Subject: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=dyg4AOlIJyThsXs5J5Vubyx8MvOEPr/tJdn+Z7Tzl30=; b=dMnWkR7W9G9pQOsssqo1hdl0VcUddhnY2J0bEerrmUgpcMi3gl+reWuiLUmvKJLMbu GAZJw4YGzRx0aR3NPLHxbdbHJ7UN38B9Nz6rqhaRf/jXobPIEVh3Z4r/JXFnfLUVgpsp gXWiofM6pdO5arkJbUOjb5+83TDB/gJjgrHzcKqCRwHP553dsc0rn5UrbdCXCz57MXXC wX6e3g/bOOv3pvnMKMGwxSNp/484VYy+QAnVdHGmfI2Ll67UeRaBSi3g+avK0WcOivaU lYldXlqfm7KSY2kjZToh+pBHWXk43xABEa5TZU+BDaHQK10RJ1fiL5Aqm6MAyx511G1i lt7Q== X-RZG-AUTH: ":P2MHfkW8eP4Mre39l357AZT/I7AY/7nT2yrDxb8mjG14FZxedJy6qgO1o3PMaViOoLMJVMh6kEtw" X-RZG-CLASS-ID: mo00 Received: from [192.168.1.177] by smtp.strato.de (RZmta 46.2.0 DYNA|AUTH) with ESMTPSA id e0a4ffw228W255z (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256 bits)) (Client did not present a certificate); Mon, 2 Mar 2020 09:32:02 +0100 (CET) Subject: Re: KASAN: use-after-free Read in slcan_open To: syzbot , davem@davemloft.net, dvyukov@google.com, jouni.hogander@unikie.com, linux-can@vger.kernel.org, linux-kernel@vger.kernel.org, mkl@pengutronix.de, netdev@vger.kernel.org, syzkaller-bugs@googlegroups.com, wg@grandegger.com References: <00000000000099fb63059fd95165@google.com> From: Oliver Hartkopp Message-ID: <2f8c5b49-ae02-e269-97cf-b4a979f950ac@hartkopp.net> Date: Mon, 2 Mar 2020 09:31:58 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 In-Reply-To: <00000000000099fb63059fd95165@google.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org #sys fix: can: slcan: Fix use-after-free Read in slcan_open https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/net/can/slcan.c?id=9ebd796e24008f33f06ebea5a5e6aceb68b51794 Thanks, Oliver On 02/03/2020 07.30, syzbot wrote: > This bug is marked as fixed by commit: > slcan: Fix use-after-free Read in slcan_open > But I can't find it in any tested tree for more than 90 days. > Is it a correct commit? Please update it by replying: > #syz fix: exact-commit-title > Until then the bug is still considered open and > new crashes with the same signature are ignored. >