Date: Sun, 6 Apr 2025 22:51:09 GMT From: Mark Johnston <markj@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 014ce35640bf - stable/14 - vfs: Return early from sysctl_vfs_ctl() if no input was given Message-ID: <202504062251.536Mp9cU077051@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/14 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=014ce35640bf1a00edf3f7163c3248bb484c29f2 commit 014ce35640bf1a00edf3f7163c3248bb484c29f2 Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2025-03-20 01:34:18 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2025-04-06 13:54:03 +0000 vfs: Return early from sysctl_vfs_ctl() if no input was given Otherwise we end up searching for a mountpoint using an uninitialized key, and likely failing the version test. This violates KMSAN's invariants, so simply return immediately instead. MFC after: 2 weeks (cherry picked from commit d8703cd80247ca203b817305753bda2b7dbfb5ef) --- sys/kern/vfs_subr.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c index 5a0a7f9161ed..6c116448a59a 100644 --- a/sys/kern/vfs_subr.c +++ b/sys/kern/vfs_subr.c @@ -6451,6 +6451,8 @@ sysctl_vfs_ctl(SYSCTL_HANDLER_ARGS) int error; struct mount *mp; + if (req->newptr == NULL) + return (EINVAL); error = SYSCTL_IN(req, &vc, sizeof(vc)); if (error) return (error);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202504062251.536Mp9cU077051>