Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 08 Dec 2025 15:44:08 +0000
From:      Bjoern A. Zeeb <bz@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject:   git: d389d1ac1699 - stable/15 - LinuxKPI: 802.11: initialize the passed in chandef in cfg80211_chandef_create
Message-ID:  <6936f248.36d5a.519688a9@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 

The branch stable/15 has been updated by bz:

URL: https://cgit.FreeBSD.org/src/commit/?id=d389d1ac1699aea517a18cf73486e7077cfbda46

commit d389d1ac1699aea517a18cf73486e7077cfbda46
Author:     Bjoern A. Zeeb <bz@FreeBSD.org>
AuthorDate: 2025-11-17 22:54:07 +0000
Commit:     Bjoern A. Zeeb <bz@FreeBSD.org>
CommitDate: 2025-12-08 15:43:50 +0000

    LinuxKPI: 802.11: initialize the passed in chandef in cfg80211_chandef_create
    
    cfg80211_chandef_create() gets passed a pointer to a cfg80211_chan_def.
    It seems that several users are passing in an uninitialized variable
    from the stack and expect cfg80211_chandef_create() to initialize it.
    Run memset() on the struct, which for all callers currently seems to do
    the right thing, to avoid later accesses to uninitialized struct members
    like "punctured".
    
    Reported by:    CI (gcc build)
    Sponsonred by:  The FreeBSD Foundation
    
    (cherry picked from commit 640205bc22c8b2bd31c766f4d0c409c183a8b8dc)
---
 sys/compat/linuxkpi/common/include/net/cfg80211.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/compat/linuxkpi/common/include/net/cfg80211.h b/sys/compat/linuxkpi/common/include/net/cfg80211.h
index f769cfdd4075..305026b34451 100644
--- a/sys/compat/linuxkpi/common/include/net/cfg80211.h
+++ b/sys/compat/linuxkpi/common/include/net/cfg80211.h
@@ -1450,7 +1450,7 @@ cfg80211_chandef_create(struct cfg80211_chan_def *chandef,
 	KASSERT(chandef != NULL, ("%s: chandef is NULL\n", __func__));
 	KASSERT(chan != NULL, ("%s: chan is NULL\n", __func__));
 
-	/* memset(chandef, 0, sizeof(*chandef)); */
+	memset(chandef, 0, sizeof(*chandef));
 	chandef->chan = chan;
 	chandef->center_freq1 = chan->center_freq;
 	/* chandef->width, center_freq2, punctured */

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6936f248.36d5a.519688a9>