git: 3ff865c6a794 - main - netinet: Fix getcred sysctl handlers to do nothing if no input is given

From: Mark Johnston <markj_at_FreeBSD.org>
Date: Thu, 20 Mar 2025 02:53:15 UTC 
The branch main has been updated by markj:

URL: https://cgit.FreeBSD.org/src/commit/?id=3ff865c6a7948b2cfc01d7056c619145b696700a

commit 3ff865c6a7948b2cfc01d7056c619145b696700a
Author:     Mark Johnston <markj@FreeBSD.org>
AuthorDate: 2025-03-20 01:33:44 +0000
Commit:     Mark Johnston <markj@FreeBSD.org>
CommitDate: 2025-03-20 01:33:44 +0000

    netinet: Fix getcred sysctl handlers to do nothing if no input is given
    
    These routines were all assuming that the sysctl handler has some new
    value, but this is not the case.  SYSCTL_IN() returns 0 in this
    scenario, so they were all operating on an uninitialized address.  This
    is mostly harmless, but trips KMSAN checks, so let's fix them.
    
    Reviewed by:    zlei, rrs, glebius
    MFC after:      2 weeks
    Differential Revision:  https://reviews.freebsd.org/D49348
---
 sys/netinet/sctp_usrreq.c   | 3 ++-
 sys/netinet/tcp_subr.c      | 4 ++++
 sys/netinet/udp_usrreq.c    | 2 ++
 sys/netinet6/sctp6_usrreq.c | 2 ++
 sys/netinet6/udp6_usrreq.c  | 2 ++
 5 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/sys/netinet/sctp_usrreq.c b/sys/netinet/sctp_usrreq.c
index 7fb7ab3418cf..94d57225c20b 100644
--- a/sys/netinet/sctp_usrreq.c
+++ b/sys/netinet/sctp_usrreq.c
@@ -361,8 +361,9 @@ sctp_getcred(SYSCTL_HANDLER_ARGS)
 	/* FIX, for non-bsd is this right? */
 	vrf_id = SCTP_DEFAULT_VRFID;
 
+	if (req->newptr == NULL)
+		return (EINVAL);
 	error = priv_check(req->td, PRIV_NETINET_GETCRED);
-
 	if (error)
 		return (error);
 
diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c
index 03efc759092d..f6317815521d 100644
--- a/sys/netinet/tcp_subr.c
+++ b/sys/netinet/tcp_subr.c
@@ -2698,6 +2698,8 @@ tcp_getcred(SYSCTL_HANDLER_ARGS)
 	struct inpcb *inp;
 	int error;
 
+	if (req->newptr == NULL)
+		return (EINVAL);
 	error = priv_check(req->td, PRIV_NETINET_GETCRED);
 	if (error)
 		return (error);
@@ -2740,6 +2742,8 @@ tcp6_getcred(SYSCTL_HANDLER_ARGS)
 	int mapped = 0;
 #endif
 
+	if (req->newptr == NULL)
+		return (EINVAL);
 	error = priv_check(req->td, PRIV_NETINET_GETCRED);
 	if (error)
 		return (error);
diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c
index b3d980956b66..dafbaf6dc672 100644
--- a/sys/netinet/udp_usrreq.c
+++ b/sys/netinet/udp_usrreq.c
@@ -844,6 +844,8 @@ udp_getcred(SYSCTL_HANDLER_ARGS)
 	struct inpcb *inp;
 	int error;
 
+	if (req->newptr == NULL)
+		return (EINVAL);
 	error = priv_check(req->td, PRIV_NETINET_GETCRED);
 	if (error)
 		return (error);
diff --git a/sys/netinet6/sctp6_usrreq.c b/sys/netinet6/sctp6_usrreq.c
index c0e758e9e12b..8964ccf54c54 100644
--- a/sys/netinet6/sctp6_usrreq.c
+++ b/sys/netinet6/sctp6_usrreq.c
@@ -375,6 +375,8 @@ sctp6_getcred(SYSCTL_HANDLER_ARGS)
 
 	vrf_id = SCTP_DEFAULT_VRFID;
 
+	if (req->newptr == NULL)
+		return (EINVAL);
 	error = priv_check(req->td, PRIV_NETINET_GETCRED);
 	if (error)
 		return (error);
diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c
index 40216ad4c420..c44510e3b65f 100644
--- a/sys/netinet6/udp6_usrreq.c
+++ b/sys/netinet6/udp6_usrreq.c
@@ -617,6 +617,8 @@ udp6_getcred(SYSCTL_HANDLER_ARGS)
 	struct inpcb *inp;
 	int error;
 
+	if (req->newptr == NULL)
+		return (EINVAL);
 	error = priv_check(req->td, PRIV_NETINET_GETCRED);
 	if (error)
 		return (error);