aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sys/linux/socket_netlink_generic_80211.txt.warn2
-rw-r--r--tools/syz-check/check.go30
2 files changed, 20 insertions, 12 deletions
diff --git a/sys/linux/socket_netlink_generic_80211.txt.warn b/sys/linux/socket_netlink_generic_80211.txt.warn
index 1df878b3a..c3953223f 100644
--- a/sys/linux/socket_netlink_generic_80211.txt.warn
+++ b/sys/linux/socket_netlink_generic_80211.txt.warn
@@ -15,10 +15,8 @@ bad-netlink-attr: nl80211_policy$connect.NL80211_ATTR_WIPHY_EDMG_CHANNELS: bad m
bad-netlink-attr: nl80211_policy$connect.NL80211_ATTR_WIPHY_EDMG_BW_CONFIG: bad min value 0, expect 4
bad-netlink-attr: nl80211_pmsr_ftm_req_attr_policy: missing attributes: [12]
no-such-netlink-policy: nl80211_psmr_peer_attr_policy
-bad-netlink-attr: nl80211_pmsr_attr_policy.NL80211_PMSR_ATTR_PEERS: unhandled type NLA_NESTED_ARRAY
bad-netlink-attr: nl80211_policy$setdel_pmksa.NL80211_ATTR_FILS_CACHE_ID: bad min value 0, expect 2
no-such-struct: nl80211_qos_map_dscp_exception
no-such-netlink-policy: nl80211_cqm
bad-netlink-attr: nl80211_tid_config_attr_policy.NL80211_TID_CONFIG_ATTR_RETRY_SHORT: bad max value 255, expect 0
bad-netlink-attr: nl80211_tid_config_attr_policy.NL80211_TID_CONFIG_ATTR_RETRY_LONG: bad max value 255, expect 0
-bad-netlink-attr: nl80211_policy$set_tid_config.NL80211_ATTR_TID_CONFIG: unhandled type NLA_NESTED_ARRAY
diff --git a/tools/syz-check/check.go b/tools/syz-check/check.go
index 2634f27f7..12b5b431e 100644
--- a/tools/syz-check/check.go
+++ b/tools/syz-check/check.go
@@ -632,25 +632,33 @@ func checkNetlinkAttr(typ *prog.StructType, policy nlaPolicy) string {
return ""
}
-func minTypeSize(typ prog.Type) int {
- if !typ.Varlen() {
- return int(typ.Size())
+func minTypeSize(t prog.Type) int {
+ if !t.Varlen() {
+ return int(t.Size())
}
- if str, ok := typ.(*prog.StructType); ok {
+ switch typ := t.(type) {
+ case *prog.StructType:
// Some struct args has trailing arrays, but are only checked for min size.
// Try to get some estimation for min size of this struct.
size := 0
- for _, field := range str.Fields {
+ for _, field := range typ.Fields {
if !field.Varlen() {
size += int(field.Size())
}
}
return size
- }
- if arr, ok := typ.(*prog.ArrayType); ok {
- if arr.Kind == prog.ArrayRangeLen && !arr.Elem.Varlen() {
- return int(arr.RangeBegin * arr.Elem.Size())
+ case *prog.ArrayType:
+ if typ.Kind == prog.ArrayRangeLen && !typ.Elem.Varlen() {
+ return int(typ.RangeBegin * typ.Elem.Size())
+ }
+ case *prog.UnionType:
+ size := 0
+ for _, field := range typ.Fields {
+ if size1 := minTypeSize(field.Type); size1 != -1 && size > size1 || size == 0 {
+ size = size1
+ }
}
+ return size
}
return -1
}
@@ -670,7 +678,9 @@ func checkAttrType(typ *prog.StructType, payload prog.Type, policy nlaPolicy) st
return "should be nlattr[nla_bitfield32]"
}
case NLA_NESTED_ARRAY:
- return "unhandled type NLA_NESTED_ARRAY"
+ if _, ok := payload.(*prog.ArrayType); !ok {
+ return "expect array"
+ }
case NLA_REJECT:
return "NLA_REJECT attribute will always be rejected"
}
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-11 20:43:48 +0000