From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Tom Rix <trix@redhat.com>,
Paul Moore <paul@paul-moore.com>
Subject: [PATCH 4.14 05/19] selinux: initialize proto variable in selinux_ip_postroute_compat()
Date: Mon, 3 Jan 2022 15:21:22 +0100 [thread overview]
Message-ID: <20220103142052.241291041@linuxfoundation.org> (raw)
In-Reply-To: <20220103142052.068378906@linuxfoundation.org>
From: Tom Rix <trix@redhat.com>
commit 732bc2ff080c447f8524f40c970c481f5da6eed3 upstream.
Clang static analysis reports this warning
hooks.c:5765:6: warning: 4th function call argument is an uninitialized
value
if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto))
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
selinux_parse_skb() can return ok without setting proto. The later call
to selinux_xfrm_postroute_last() does an early check of proto and can
return ok if the garbage proto value matches. So initialize proto.
Cc: stable@vger.kernel.org
Fixes: eef9b41622f2 ("selinux: cleanup selinux_xfrm_sock_rcv_skb() and selinux_xfrm_postroute_last()")
Signed-off-by: Tom Rix <trix@redhat.com>
[PM: typo/spelling and checkpatch.pl description fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
security/selinux/hooks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -5321,7 +5321,7 @@ static unsigned int selinux_ip_postroute
struct common_audit_data ad;
struct lsm_network_audit net = {0,};
char *addrp;
- u8 proto;
+ u8 proto = 0;
if (sk == NULL)
return NF_ACCEPT;
next prev parent reply other threads:[~2022-01-03 14:24 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-03 14:21 [PATCH 4.14 00/19] 4.14.261-rc1 review Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 01/19] HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 02/19] tee: handle lookup of shm with reference count 0 Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 03/19] platform/x86: apple-gmux: use resource_size() with res Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 04/19] recordmcount.pl: fix typo in s390 mcount regex Greg Kroah-Hartman
2022-01-03 14:21 ` Greg Kroah-Hartman [this message]
2022-01-03 14:21 ` [PATCH 4.14 06/19] scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 07/19] net: usb: pegasus: Do not drop long Ethernet frames Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 08/19] NFC: st21nfca: Fix memory leak in device probe and remove Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 09/19] fsl/fman: Fix missing put_device() call in fman_port_probe Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 10/19] nfc: uapi: use kernel size_t to fix user-space builds Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 11/19] uapi: fix linux/nfc.h userspace compilation errors Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 12/19] xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 13/19] usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 14/19] binder: fix async_free_space accounting for empty parcels Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 15/19] scsi: vmw_pvscsi: Set residual data length conditionally Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 16/19] Input: appletouch - initialize work before device registration Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 17/19] Input: spaceball - fix parsing of movement data packets Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 18/19] net: fix use-after-free in tw_timer_handler Greg Kroah-Hartman
2022-01-03 14:21 ` [PATCH 4.14 19/19] sctp: use call_rcu to free endpoint Greg Kroah-Hartman
2022-01-04 1:24 ` [PATCH 4.14 00/19] 4.14.261-rc1 review Guenter Roeck
2022-01-04 9:53 ` Jon Hunter
2022-01-04 13:39 ` Naresh Kamboju
2022-01-05 2:19 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220103142052.241291041@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=stable@vger.kernel.org \
--cc=trix@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.