netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] net/sctp: use memset avoid infoleaks
@ 2022-03-01  8:18 cgel.zte
  2022-03-03  6:18 ` Jakub Kicinski
  0 siblings, 1 reply; 2+ messages in thread
From: cgel.zte @ 2022-03-01  8:18 UTC (permalink / raw)
  To: vyasevich
  Cc: nhorman, marcelo.leitner, davem, kuba, linux-sctp, netdev,
	linux-kernel, Minghao Chi, Zeal Robot

From: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>

Use memset to initialize structs to preventing infoleaks
in sctp_auth_chunk_verify

Reported-by: Zeal Robot <zealci@zte.com.cn>
Signed-off-by: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>
---
 net/sctp/sm_statefuns.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
index cc544a97c4af..7ff16d12e0c5 100644
--- a/net/sctp/sm_statefuns.c
+++ b/net/sctp/sm_statefuns.c
@@ -652,6 +652,7 @@ static bool sctp_auth_chunk_verify(struct net *net, struct sctp_chunk *chunk,
 		return false;
 
 	/* set-up our fake chunk so that we can process it */
+	memset(&auth, 0x0, sizeof(auth));
 	auth.skb = chunk->auth_chunk;
 	auth.asoc = chunk->asoc;
 	auth.sctp_hdr = chunk->sctp_hdr;
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] net/sctp: use memset avoid infoleaks
  2022-03-01  8:18 [PATCH] net/sctp: use memset avoid infoleaks cgel.zte
@ 2022-03-03  6:18 ` Jakub Kicinski
  0 siblings, 0 replies; 2+ messages in thread
From: Jakub Kicinski @ 2022-03-03  6:18 UTC (permalink / raw)
  To: cgel.zte
  Cc: vyasevich, nhorman, marcelo.leitner, davem, linux-sctp, netdev,
	linux-kernel, Minghao Chi, Zeal Robot

On Tue,  1 Mar 2022 08:18:55 +0000 cgel.zte@gmail.com wrote:
> From: Minghao Chi (CGEL ZTE) <chi.minghao@zte.com.cn>
> 
> Use memset to initialize structs to preventing infoleaks
> in sctp_auth_chunk_verify

Please explain where it's leaked to. Looks like a parameter structure
that's used by the called but not copied anywhere.

> diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
> index cc544a97c4af..7ff16d12e0c5 100644
> --- a/net/sctp/sm_statefuns.c
> +++ b/net/sctp/sm_statefuns.c
> @@ -652,6 +652,7 @@ static bool sctp_auth_chunk_verify(struct net *net, struct sctp_chunk *chunk,
>  		return false;
>  
>  	/* set-up our fake chunk so that we can process it */
> +	memset(&auth, 0x0, sizeof(auth));
>  	auth.skb = chunk->auth_chunk;
>  	auth.asoc = chunk->asoc;
>  	auth.sctp_hdr = chunk->sctp_hdr;


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-03-03  6:18 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-01  8:18 [PATCH] net/sctp: use memset avoid infoleaks cgel.zte
2022-03-03  6:18 ` Jakub Kicinski

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).