diff mbox series

net/sctp: use memset avoid infoleaks

Message ID 20220301081855.2053372-1-chi.minghao@zte.com.cn (mailing list archive)
State Changes Requested
Delegated to: Netdev Maintainers
Headers show
Series net/sctp: use memset avoid infoleaks | expand

Checks

Context Check Description
netdev/tree_selection success Guessed tree name to be net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/subject_prefix warning Target tree name not specified in the subject
netdev/cover_letter success Single patches do not need cover letters
netdev/patch_count success Link
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 1 this patch: 1
netdev/cc_maintainers success CCed 7 of 7 maintainers
netdev/build_clang success Errors and warnings before: 0 this patch: 0
netdev/module_param success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 1 this patch: 1
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 7 lines checked
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

CGEL March 1, 2022, 8:18 a.m. UTC 
From: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>

Use memset to initialize structs to preventing infoleaks
in sctp_auth_chunk_verify

Reported-by: Zeal Robot <zealci@zte.com.cn>
Signed-off-by: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>
---
 net/sctp/sm_statefuns.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Jakub Kicinski March 3, 2022, 6:18 a.m. UTC | #1 
On Tue,  1 Mar 2022 08:18:55 +0000 cgel.zte@gmail.com wrote:
> From: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>
> 
> Use memset to initialize structs to preventing infoleaks
> in sctp_auth_chunk_verify

Please explain where it's leaked to. Looks like a parameter structure
that's used by the called but not copied anywhere.

> diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
> index cc544a97c4af..7ff16d12e0c5 100644
> --- a/net/sctp/sm_statefuns.c
> +++ b/net/sctp/sm_statefuns.c
> @@ -652,6 +652,7 @@ static bool sctp_auth_chunk_verify(struct net *net, struct sctp_chunk *chunk,
>  		return false;
>  
>  	/* set-up our fake chunk so that we can process it */
> +	memset(&auth, 0x0, sizeof(auth));
>  	auth.skb = chunk->auth_chunk;
>  	auth.asoc = chunk->asoc;
>  	auth.sctp_hdr = chunk->sctp_hdr;
diff mbox series

Patch

diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index cc544a97c4af..7ff16d12e0c5 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -652,6 +652,7 @@  static bool sctp_auth_chunk_verify(struct net *net, struct sctp_chunk *chunk,
 		return false;
 
 	/* set-up our fake chunk so that we can process it */
+	memset(&auth, 0x0, sizeof(auth));
 	auth.skb = chunk->auth_chunk;
 	auth.asoc = chunk->asoc;
 	auth.sctp_hdr = chunk->sctp_hdr;