Date: Thu, 1 Aug 2024 20:59:28 GMT From: Michael Tuexen <tuexen@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 1de31f53f9e4 - stable/13 - sctp: don't provide uninitialized memory to process_chunk_drop() Message-ID: <202408012059.471KxSKP072867@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=1de31f53f9e4f3fd9e3cf72f2cfc7d62d17bf1e7 commit 1de31f53f9e4f3fd9e3cf72f2cfc7d62d17bf1e7 Author: Michael Tuexen <tuexen@FreeBSD.org> AuthorDate: 2024-05-08 22:17:13 +0000 Commit: Michael Tuexen <tuexen@FreeBSD.org> CommitDate: 2024-08-01 20:58:51 +0000 sctp: don't provide uninitialized memory to process_chunk_drop() Right now, the code in process_chunk_drop() does not look the the corresponding fields. Therefore, no functional change intended. Reported by: Coverity Scan CID: 1472476 (cherry picked from commit 83dcc7790b11e605c32ec9a091c6bba3bc921083) --- sys/netinet/sctp_input.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sys/netinet/sctp_input.c b/sys/netinet/sctp_input.c index 7ad9eec07897..b6239b0d9ad6 100644 --- a/sys/netinet/sctp_input.c +++ b/sys/netinet/sctp_input.c @@ -4229,6 +4229,8 @@ sctp_handle_packet_dropped(struct sctp_pktdrop_chunk *cp, SCTP_STAT_INCR(sctps_pdrpmbda); } } else { + desc.tsn_ifany = htonl(0); + memset(desc.data_bytes, 0, SCTP_NUM_DB_TO_VERIFY); if (pktdrp_flags & SCTP_FROM_MIDDLE_BOX) { SCTP_STAT_INCR(sctps_pdrpmbct); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202408012059.471KxSKP072867>