git: eedf9f1e93bd - stable/13 - pf: Make sure that pfi_update_status() always zeros counters
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 14 Jul 2022 13:50:26 UTC
The branch stable/13 has been updated by markj:
URL: https://cgit.FreeBSD.org/src/commit/?id=eedf9f1e93bd1ee9448550b140dbbd2ab5926055
commit eedf9f1e93bd1ee9448550b140dbbd2ab5926055
Author: Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2022-06-30 14:19:23 +0000
Commit: Mark Johnston <markj@FreeBSD.org>
CommitDate: 2022-07-14 13:49:58 +0000
pf: Make sure that pfi_update_status() always zeros counters
pfi_update_status() can return early if the status interface doesn't
exist. But in this case pf_getstatus() was copying uninitialized stack
memory into the output nvlist.
Reported by: Jenkins (KMSAN job)
Reviewed by: kp
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 333670372ffe2f1c562e1088a7779eb709006ba2)
---
sys/netpfil/pf/pf_if.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c
index cdde753c41b3..02c46db409b6 100644
--- a/sys/netpfil/pf/pf_if.c
+++ b/sys/netpfil/pf/pf_if.c
@@ -803,6 +803,11 @@ pfi_update_status(const char *name, struct pf_status *pfs)
CK_STAILQ_HEAD(, ifg_member) ifg_members;
int i, j, k;
+ if (pfs) {
+ bzero(pfs->pcounters, sizeof(pfs->pcounters));
+ bzero(pfs->bcounters, sizeof(pfs->bcounters));
+ }
+
strlcpy(key.pfik_name, name, sizeof(key.pfik_name));
p = RB_FIND(pfi_ifhead, &V_pfi_ifs, (struct pfi_kkif *)&key);
if (p == NULL)
@@ -818,10 +823,6 @@ pfi_update_status(const char *name, struct pf_status *pfs)
CK_STAILQ_INIT(&ifg_members);
CK_STAILQ_INSERT_TAIL(&ifg_members, &p_member, ifgm_next);
}
- if (pfs) {
- bzero(pfs->pcounters, sizeof(pfs->pcounters));
- bzero(pfs->bcounters, sizeof(pfs->bcounters));
- }
CK_STAILQ_FOREACH(ifgm, &ifg_members, ifgm_next) {
if (ifgm->ifgm_ifp == NULL || ifgm->ifgm_ifp->if_pf_kif == NULL)
continue;