From nobody Thu Mar 28 10:03:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1602254611; cv=none; d=zohomail.com; s=zohoarc; b=PwPNmaIYuV7gLoZg0crULNbpRbTdhb+ZH+UGIGGOV02PcWdWJgqo/j05vPiBnH5XpDab/NL5bX5HAmwMluGf6+PboOFg158iI8kLW4NjOVt4SYFqmJ7iiQTyZapDKSvtDiOuZZm1otlSTZJ+Ei+vvvtoe6EknbHMqOgnzKpzwLY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1602254611; h=Content-Type:Content-Transfer-Encoding:Date:From:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Sender:Subject:To; bh=TzX4QS14hEgeWzhERp0L4tYS6wE9XbqkgCcNtionKRE=; b=oI4GCWnclC9CI4joXuZLonKH9HFPk5tQ8SqoCypi7PbuF+V9N4bstkVPqnmWXmpH7f2oxNXmxj3vmWWFIA4igaSZoLRrbp1FCa4IaoArq9diMhMWFqSH4OIlTEeZ7yV+qSk4vxRa6Ium4yB+GR9DqpE4DckeYEXDCSEXbP/cHWI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1602254611354786.5732366992231; Fri, 9 Oct 2020 07:43:31 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-321-_q45eCeDOcib-SMNWaZWFw-1; Fri, 09 Oct 2020 10:43:28 -0400 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C073980401F; Fri, 9 Oct 2020 14:43:19 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 228D06EF48; Fri, 9 Oct 2020 14:43:19 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 486A11832FC2; Fri, 9 Oct 2020 14:43:17 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 099EhFev014773 for ; Fri, 9 Oct 2020 10:43:15 -0400 Received: by smtp.corp.redhat.com (Postfix) id 3EE4D19936; Fri, 9 Oct 2020 14:43:15 +0000 (UTC) Received: from localhost.localdomain (unknown [10.40.193.82]) by smtp.corp.redhat.com (Postfix) with ESMTP id B46841972B for ; Fri, 9 Oct 2020 14:43:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1602254610; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=TzX4QS14hEgeWzhERp0L4tYS6wE9XbqkgCcNtionKRE=; b=DWrenD+Y1eN5D8Wb5/wXxcHbvcWAjweacUYU+d7XbeVJCxBXpdu1wHUI7suMH471LzIH3z IqBVfCLs/BArQjz/NiRAb+Nu+a62z2P/DMk6QrrsdPT99FEcnMl6EoEWpBBdsHY0ziUgKy 30if8/eHrxhrhCRzqXgmnwbJSM916rA= X-MC-Unique: _q45eCeDOcib-SMNWaZWFw-1 From: Michal Privoznik To: libvir-list@redhat.com Subject: [PATCH] virsocketaddr: Zero @netmask in virSocketAddrPrefixToNetmask() Date: Fri, 9 Oct 2020 16:43:07 +0200 Message-Id: <796573c57a88bc05ef360c86c18cda20fea14786.1602254587.git.mprivozn@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" The aim of virSocketAddrPrefixToNetmask() is to initialize passed virSocketAddr structure based on prefix length and family. However, it doesn't set all members in the struct which may lead to reads of uninitialized values: =3D=3D15421=3D=3D Use of uninitialised value of size 8 =3D=3D15421=3D=3D at 0x50F297A: _itoa_word (in /lib64/libc-2.31.so) =3D=3D15421=3D=3D by 0x510C8FE: __vfprintf_internal (in /lib64/libc-2.31= .so) =3D=3D15421=3D=3D by 0x5120295: __vsnprintf_internal (in /lib64/libc-2.3= 1.so) =3D=3D15421=3D=3D by 0x50F8969: snprintf (in /lib64/libc-2.31.so) =3D=3D15421=3D=3D by 0x51BB602: getnameinfo (in /lib64/libc-2.31.so) =3D=3D15421=3D=3D by 0x496DEE0: virSocketAddrFormatFull (virsocketaddr.c= :486) =3D=3D15421=3D=3D by 0x496DD9F: virSocketAddrFormat (virsocketaddr.c:444) =3D=3D15421=3D=3D by 0x11871F: networkDnsmasqConfContents (bridge_driver= .c:1404) =3D=3D15421=3D=3D by 0x1118F5: testCompareXMLToConfFiles (networkxml2con= ftest.c:48) =3D=3D15421=3D=3D by 0x111BAF: testCompareXMLToConfHelper (networkxml2co= nftest.c:112) =3D=3D15421=3D=3D by 0x112679: virTestRun (testutils.c:142) =3D=3D15421=3D=3D by 0x111D09: mymain (networkxml2conftest.c:144) =3D=3D15421=3D=3D Uninitialised value was created by a stack allocation =3D=3D15421=3D=3D at 0x1175D2: networkDnsmasqConfContents (bridge_driver= .c:1056) All callers expect the function to initialize the structure fully. Signed-off-by: Michal Privoznik Reviewed-by: Laine Stump --- src/util/virsocketaddr.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/util/virsocketaddr.c b/src/util/virsocketaddr.c index e0eb76ded3..65aaa632c7 100644 --- a/src/util/virsocketaddr.c +++ b/src/util/virsocketaddr.c @@ -1097,6 +1097,8 @@ virSocketAddrPrefixToNetmask(unsigned int prefix, virSocketAddrPtr netmask, int family) { + memset(netmask, 0, sizeof(*netmask)); + netmask->data.stor.ss_family =3D AF_UNSPEC; /* assume failure */ =20 if (family =3D=3D AF_INET) { @@ -1135,7 +1137,7 @@ virSocketAddrPrefixToNetmask(unsigned int prefix, } =20 return 0; - } +} =20 /** * virSocketAddrGetIPPrefix: --=20 2.26.2