Date: Mon, 20 Feb 2023 20:13:05 GMT From: "Alexander V. Chernikov" <melifaro@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 2e847957c50c - releng/13.2 - netlink: Zero-initialize writer structures allocated on the stack Message-ID: <202302202013.31KKD5UZ094049@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch releng/13.2 has been updated by melifaro: URL: https://cgit.FreeBSD.org/src/commit/?id=2e847957c50c63ebecdd6825b9466e3d979fac9b commit 2e847957c50c63ebecdd6825b9466e3d979fac9b Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2023-01-26 15:46:19 +0000 Commit: Alexander V. Chernikov <melifaro@FreeBSD.org> CommitDate: 2023-02-20 19:48:12 +0000 netlink: Zero-initialize writer structures allocated on the stack The prevailing pattern seems to be to simply initialize all fields to zero. Without this, it's possible to trigger a branch on uninitialized memory, specifically, when testing nw->ignore_limit in nlmsg_refill_buffer(). Initialize the writer structure in a couple of functions where this is necessary. Reported by: KMSAN Reviewed by: melifaro Approved by: re(cperciva) Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D38213 (cherry picked from commit 7a78ae88659e0f6a901574d17672d1ccdc3e971b) (cherry picked from commit 2de541757e0a2e25ce974b3c4c29bc8b753b8b6a) --- sys/netlink/route/rt.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/sys/netlink/route/rt.c b/sys/netlink/route/rt.c index 48a6b0928cab..59b34c53ad4b 100644 --- a/sys/netlink/route/rt.c +++ b/sys/netlink/route/rt.c @@ -341,9 +341,9 @@ static void report_operation(uint32_t fibnum, struct rib_cmd_info *rc, struct nlpcb *nlp, struct nlmsghdr *hdr) { - struct nl_writer nw; - + struct nl_writer nw = {}; uint32_t group_id = family_to_group(rt_get_family(rc->rc_rt)); + if (nlmsg_get_group_writer(&nw, NLMSG_SMALL, NETLINK_ROUTE, group_id)) { struct route_nhop_data rnd = { .rnd_nhop = rc_get_nhop(rc), @@ -926,10 +926,9 @@ rtnl_handle_getroute(struct nlmsghdr *hdr, struct nlpcb *nlp, struct nl_pstate * void rtnl_handle_route_event(uint32_t fibnum, const struct rib_cmd_info *rc) { + struct nl_writer nw = {}; int family, nlm_flags = 0; - struct nl_writer nw; - family = rt_get_family(rc->rc_rt); /* XXX: check if there are active listeners first */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202302202013.31KKD5UZ094049>