Source-Changes-HG archive


[src/trunk]: src/sys/compat sys/compat: Memset zero before copyout.



details:   https://anonhg.NetBSD.org/src/rev/24990f5e5f69
branches:  trunk
changeset: 1023440:24990f5e5f69
user:      riastradh <riastradh%NetBSD.org@localhost>
date:      Tue Sep 07 11:43:02 2021 +0000

description:
sys/compat: Memset zero before copyout.

Just in case of uninitialized padding which would lead to kernel
stack disclosure.  If the compiler can prove the memset redundant
then it can optimize it away; otherwise better safe than sorry.

diffstat:

 sys/compat/common/ieee80211_20.c                   |   7 +-
 sys/compat/common/if_media_80.c                    |   5 +-
 sys/compat/common/kern_info_09.c                   |   5 +-
 sys/compat/common/kern_info_43.c                   |   6 +-
 sys/compat/common/kern_resource_43.c               |   5 +-
 sys/compat/common/kern_sig_13.c                    |   7 +-
 sys/compat/common/kern_sig_43.c                    |  10 ++-
 sys/compat/common/kern_time_50.c                   |   6 +-
 sys/compat/common/vfs_syscalls_12.c                |   6 +-
 sys/compat/common/vfs_syscalls_30.c                |   6 +-
 sys/compat/common/vfs_syscalls_43.c                |   5 +-
 sys/compat/freebsd/freebsd_machdep.c               |   6 +-
 sys/compat/freebsd/freebsd_misc.c                  |   5 +-
 sys/compat/freebsd/freebsd_sched.c                 |   5 +-
 sys/compat/linux/arch/alpha/linux_machdep.c        |   8 ++-
 sys/compat/linux/arch/alpha/linux_osf1.c           |   9 ++-
 sys/compat/linux/arch/amd64/linux_machdep.c        |   5 +-
 sys/compat/linux/arch/arm/linux_machdep.c          |   6 +-
 sys/compat/linux/arch/arm/linux_ptrace.c           |   5 +-
 sys/compat/linux/arch/i386/linux_machdep.c         |  11 +++-
 sys/compat/linux/arch/i386/linux_ptrace.c          |   5 +-
 sys/compat/linux/arch/m68k/linux_machdep.c         |   8 ++-
 sys/compat/linux/arch/mips/linux_machdep.c         |   5 +-
 sys/compat/linux/arch/powerpc/linux_exec_powerpc.c |   6 +-
 sys/compat/linux/arch/powerpc/linux_machdep.c      |   5 +-
 sys/compat/linux/arch/powerpc/linux_ptrace.c       |   7 +-
 sys/compat/linux/common/linux_cdrom.c              |   6 +-
 sys/compat/linux/common/linux_fdio.c               |   5 +-
 sys/compat/linux/common/linux_file.c               |   5 +-
 sys/compat/linux/common/linux_hdio.c               |   6 +-
 sys/compat/linux/common/linux_misc.c               |   7 +-
 sys/compat/linux/common/linux_mtio.c               |   5 +-
 sys/compat/linux/common/linux_oldolduname.c        |   6 +-
 sys/compat/linux/common/linux_olduname.c           |   6 +-
 sys/compat/linux/common/linux_sched.c              |   6 +-
 sys/compat/linux/common/linux_signal.c             |  12 +++-
 sys/compat/linux/common/linux_socket.c             |   7 +-
 sys/compat/linux/common/linux_time.c               |   6 +-
 sys/compat/linux32/arch/amd64/linux32_machdep.c    |   6 +-
 sys/compat/linux32/common/linux32_exec_elf32.c     |   6 +-
 sys/compat/linux32/common/linux32_resource.c       |   5 +-
 sys/compat/linux32/common/linux32_signal.c         |   6 +-
 sys/compat/linux32/common/linux32_time.c           |  10 ++-
 sys/compat/netbsd32/netbsd32_compat_12.c           |   5 +-
 sys/compat/netbsd32/netbsd32_compat_20.c           |   6 +-
 sys/compat/netbsd32/netbsd32_compat_43.c           |   6 +-
 sys/compat/netbsd32/netbsd32_compat_50.c           |  10 ++-
 sys/compat/netbsd32/netbsd32_conv.h                |  62 ++++++++++++++++++++-
 sys/compat/netbsd32/netbsd32_nfssvc.c              |   5 +-
 sys/compat/netbsd32/netbsd32_ptrace.c              |   7 +-
 sys/compat/netbsd32/netbsd32_signal.c              |   7 +-
 sys/compat/netbsd32/netbsd32_time.c                |   8 ++-
 sys/compat/netbsd32/netbsd32_wait.c                |   5 +-
 sys/compat/ossaudio/ossaudio.c                     |   8 ++-
 sys/compat/sunos/sunos_ioctl.c                     |  20 ++++++-
 sys/compat/sunos/sunos_misc.c                      |   7 +-
 sys/compat/sunos32/sunos32_ioctl.c                 |  21 ++++++-
 sys/compat/sunos32/sunos32_misc.c                  |   8 ++-
 sys/compat/sys/statvfs.h                           |   5 +-
 sys/compat/sys/time_types.h                        |  43 ++++++++------
 sys/compat/ultrix/ultrix_ioctl.c                   |  13 +++-
 sys/compat/ultrix/ultrix_misc.c                    |   9 ++-
 62 files changed, 384 insertions(+), 145 deletions(-)

diffs (truncated from 2608 to 300 lines):

diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/ieee80211_20.c
--- a/sys/compat/common/ieee80211_20.c  Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/ieee80211_20.c  Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ieee80211_20.c,v 1.6 2019/12/12 02:15:42 pgoyette Exp $        */
+/*     $NetBSD: ieee80211_20.c,v 1.7 2021/09/07 11:43:02 riastradh Exp $       */
 /*-
  * Copyright (c) 2001 Atsushi Onoe
  * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
@@ -36,7 +36,7 @@
 __FBSDID("$FreeBSD: src/sys/net80211/ieee80211_ioctl.c,v 1.35 2005/08/30 14:27:47 avatar Exp $");
 #endif
 #ifdef __NetBSD__
-__KERNEL_RCSID(0, "$NetBSD: ieee80211_20.c,v 1.6 2019/12/12 02:15:42 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ieee80211_20.c,v 1.7 2021/09/07 11:43:02 riastradh Exp $");
 #endif
 
 /*
@@ -76,6 +76,9 @@
 ieee80211_get_ostats(struct ieee80211_ostats *ostats,
     struct ieee80211_stats *stats)
 {
+
+       memset(ostats, 0, sizeof(*ostats));
+
 #define        COPYSTATS1(__ostats, __nstats, __dstmemb, __srcmemb, __lastmemb)\
        (void)memcpy(&(__ostats)->__dstmemb, &(__nstats)->__srcmemb,    \
            offsetof(struct ieee80211_stats, __lastmemb) -              \
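Review bot: The added `memset(ostats, 0, sizeof(*ostats));` in ieee80211_get_ostats has no comment saying why it is there, and next to the COPYSTATS1 copies it can look like dead initialisation to whoever tidies this function later. A one-line comment above it would keep it in place, for example `/* Zero first so padding and any members the copies skip never carry stale kernel memory out. */`. The same applies to the other bare memset additions in this changeset (kern_info_09.c, kern_info_43.c, kern_resource_43.c, kern_time_50.c, vfs_syscalls_12.c), where the only explanation is in the commit message. The function body continues past the end of this hunk, so whether ostats is copied out directly from here is not visible.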
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/if_media_80.c
--- a/sys/compat/common/if_media_80.c   Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/if_media_80.c   Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: if_media_80.c,v 1.3 2019/12/12 02:15:42 pgoyette Exp $ */
+/*     $NetBSD: if_media_80.c,v 1.4 2021/09/07 11:43:02 riastradh Exp $        */
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -141,7 +141,8 @@
                 * there is no problem to trust ifm_count.
                 */
                minwords = ifmr->ifm_count;
-               kptr = malloc(minwords * sizeof(*kptr), M_TEMP, M_WAITOK);
+               kptr = malloc(minwords * sizeof(*kptr), M_TEMP,
+                   M_WAITOK|M_ZERO);
                if (kptr == NULL)
                        return ENOMEM;
 
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/kern_info_09.c
--- a/sys/compat/common/kern_info_09.c  Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/kern_info_09.c  Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_info_09.c,v 1.21 2019/01/27 02:08:39 pgoyette Exp $       */
+/*     $NetBSD: kern_info_09.c,v 1.22 2021/09/07 11:43:02 riastradh Exp $      */
 
 /*
  * Copyright (c) 1982, 1986, 1991, 1993
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_info_09.c,v 1.21 2019/01/27 02:08:39 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_info_09.c,v 1.22 2021/09/07 11:43:02 riastradh Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_compat_netbsd.h"
@@ -120,6 +120,7 @@
        const char *cp;
        char *dp, *ep;
 
+       memset(&outsname, 0, sizeof(outsname));
        strncpy(outsname.sysname, ostype, sizeof(outsname.sysname));
        strncpy(outsname.nodename, hostname, sizeof(outsname.nodename));
        strncpy(outsname.release, osrelease, sizeof(outsname.release));
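Review bot: The three `strncpy` calls right after the new memset pass the full field size, so a source string as long as the field or longer leaves that member without a terminating NUL, and the zeroing above does not change that. If the fields are meant to be C strings for the old uname consumer, `strlcpy(outsname.sysname, ostype, sizeof(outsname.sysname));` (and likewise for nodename and release) always terminates, and the preceding memset keeps the tail zeroed. Whether ostype, hostname or osrelease can actually reach those lengths, and whether later code terminates the fields, is outside this hunk.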
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/kern_info_43.c
--- a/sys/compat/common/kern_info_43.c  Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/kern_info_43.c  Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_info_43.c,v 1.39 2020/01/30 14:07:40 christos Exp $       */
+/*     $NetBSD: kern_info_43.c,v 1.40 2021/09/07 11:43:02 riastradh Exp $      */
 
 /*
  * Copyright (c) 1982, 1986, 1991, 1993
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_info_43.c,v 1.39 2020/01/30 14:07:40 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_info_43.c,v 1.40 2021/09/07 11:43:02 riastradh Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_compat_netbsd.h"
@@ -263,6 +263,8 @@
                                break;
                        }
 
+                       memset(&ksi, 0, sizeof(ksi));
+
 #define COPY(fld)                                                      \
                        ksi.fld = us - (u_long) usi;                    \
                        if ((error = copyoutstr(fld, us, 1024, &len)) != 0)\
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/kern_resource_43.c
--- a/sys/compat/common/kern_resource_43.c      Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/kern_resource_43.c      Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_resource_43.c,v 1.22 2019/01/27 02:08:39 pgoyette Exp $   */
+/*     $NetBSD: kern_resource_43.c,v 1.23 2021/09/07 11:43:02 riastradh Exp $  */
 
 /*-
  * Copyright (c) 1982, 1986, 1991, 1993
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_resource_43.c,v 1.22 2019/01/27 02:08:39 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_resource_43.c,v 1.23 2021/09/07 11:43:02 riastradh Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_compat_netbsd.h"
@@ -77,6 +77,7 @@
 
        if ((u_int)which >= RLIM_NLIMITS)
                return (EINVAL);
+       memset(&olim, 0, sizeof(olim));
        olim.rlim_cur = p->p_rlimit[which].rlim_cur;
        if (olim.rlim_cur == -1)
                olim.rlim_cur = 0x7fffffff;
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/kern_sig_13.c
--- a/sys/compat/common/kern_sig_13.c   Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/kern_sig_13.c   Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_sig_13.c,v 1.21 2019/01/27 02:08:39 pgoyette Exp $        */
+/*     $NetBSD: kern_sig_13.c,v 1.22 2021/09/07 11:43:02 riastradh Exp $       */
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_sig_13.c,v 1.21 2019/01/27 02:08:39 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_sig_13.c,v 1.22 2021/09/07 11:43:02 riastradh Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_compat_netbsd.h"
@@ -73,6 +73,7 @@
 native_sigset13_to_sigset(const sigset13_t *oss, sigset_t *ss)
 {
 
+       memset(ss, 0, sizeof(*ss));
        ss->__bits[0] = *oss;
        ss->__bits[1] = 0;
        ss->__bits[2] = 0;
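Review bot: With `memset(ss, 0, sizeof(*ss));` now first in native_sigset13_to_sigset, the explicit `ss->__bits[1] = 0;` and `ss->__bits[2] = 0;` stores below it (and any that follow outside the hunk) are redundant. Either drop them or mark them as deliberate, so the function does not suggest that the memset is the removable part. The same pattern appears in compat_43_sigmask_to_sigset and in `sa->ss_flags = 0;` in kern_sig_43.c, and in the `tzfake.tz_minuteswest = 0; tzfake.tz_dsttime = 0;` pair in kern_time_50.c. The function body runs past the end of this hunk.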
@@ -90,6 +91,7 @@
 native_sigaction13_to_sigaction(const struct sigaction13 *osa, struct sigaction *sa)
 {
 
+       memset(sa, 0, sizeof(*sa));
        sa->sa_handler = osa->osa_handler;
        native_sigset13_to_sigset(&osa->osa_mask, &sa->sa_mask);
        sa->sa_flags = osa->osa_flags;
@@ -99,6 +101,7 @@
 native_sigaction_to_sigaction13(const struct sigaction *sa, struct sigaction13 *osa)
 {
 
+       memset(osa, 0, sizeof(*osa));
        osa->osa_handler = sa->sa_handler;
        native_sigset_to_sigset13(&sa->sa_mask, &osa->osa_mask);
        osa->osa_flags = sa->sa_flags;
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/kern_sig_43.c
--- a/sys/compat/common/kern_sig_43.c   Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/kern_sig_43.c   Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_sig_43.c,v 1.36 2020/01/01 14:52:38 maxv Exp $    */
+/*     $NetBSD: kern_sig_43.c,v 1.37 2021/09/07 11:43:02 riastradh Exp $       */
 
 /*-
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -30,7 +30,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_sig_43.c,v 1.36 2020/01/01 14:52:38 maxv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_sig_43.c,v 1.37 2021/09/07 11:43:02 riastradh Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_compat_netbsd.h"
@@ -86,6 +86,7 @@
 compat_43_sigmask_to_sigset(const int *sm, sigset_t *ss)
 {
 
+       memset(ss, 0, sizeof(*ss));
        ss->__bits[0] = *sm;
        ss->__bits[1] = 0;
        ss->__bits[2] = 0;
@@ -102,6 +103,8 @@
 void
 compat_43_sigvec_to_sigaction(const struct sigvec *sv, struct sigaction *sa)
 {
+
+       memset(sa, 0, sizeof(*sa));
        sa->sa_handler = sv->sv_handler;
        compat_43_sigmask_to_sigset(&sv->sv_mask, &sa->sa_mask);
        sa->sa_flags = sv->sv_flags ^ SA_RESTART;
@@ -110,6 +113,8 @@
 void
 compat_43_sigaction_to_sigvec(const struct sigaction *sa, struct sigvec *sv)
 {
+
+       memset(sv, 0, sizeof(*sv));
        sv->sv_handler = sa->sa_handler;
        compat_43_sigset_to_sigmask(&sa->sa_mask, &sv->sv_mask);
        sv->sv_flags = sa->sa_flags ^ SA_RESTART;
@@ -118,6 +123,7 @@
 void
 compat_43_sigstack_to_sigaltstack(const struct sigstack *ss, struct sigaltstack *sa)
 {
+       memset(sa, 0, sizeof(*sa));
        sa->ss_sp = ss->ss_sp;
        sa->ss_size = SIGSTKSZ; /* Use the recommended size */
        sa->ss_flags = 0;
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/kern_time_50.c
--- a/sys/compat/common/kern_time_50.c  Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/kern_time_50.c  Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: kern_time_50.c,v 1.36 2021/04/03 12:57:21 simonb Exp $ */
+/*     $NetBSD: kern_time_50.c,v 1.37 2021/09/07 11:43:02 riastradh Exp $      */
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -29,7 +29,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_time_50.c,v 1.36 2021/04/03 12:57:21 simonb Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_time_50.c,v 1.37 2021/09/07 11:43:02 riastradh Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_compat_netbsd.h"
@@ -226,6 +226,7 @@
                 * NetBSD has no kernel notion of time zone, so we just
                 * fake up a timezone struct and return it if demanded.
                 */
+               memset(&tzfake, 0, sizeof(tzfake));
                tzfake.tz_minuteswest = 0;
                tzfake.tz_dsttime = 0;
                error = copyout(&tzfake, SCARG(uap, tzp), sizeof(tzfake));
@@ -458,6 +459,7 @@
 void
 rusage_to_rusage50(const struct rusage *ru, struct rusage50 *ru50)
 {
+       memset(ru50, 0, sizeof(*ru50));
        (void)memcpy(&ru50->ru_first, &ru->ru_first,
            (char *)&ru50->ru_last - (char *)&ru50->ru_first +
            sizeof(ru50->ru_last));
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/vfs_syscalls_12.c
--- a/sys/compat/common/vfs_syscalls_12.c       Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/vfs_syscalls_12.c       Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: vfs_syscalls_12.c,v 1.37 2019/01/27 02:08:39 pgoyette Exp $    */
+/*     $NetBSD: vfs_syscalls_12.c,v 1.38 2021/09/07 11:43:02 riastradh Exp $   */
 
 /*
  * Copyright (c) 1989, 1993
@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_12.c,v 1.37 2019/01/27 02:08:39 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_12.c,v 1.38 2021/09/07 11:43:02 riastradh Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_compat_netbsd.h"
@@ -82,6 +82,7 @@
 compat_12_stat_conv(const struct stat *st, struct stat12 *ost)
 {
 
+       memset(ost, 0, sizeof(*ost));
        ost->st_dev = st->st_dev;
        ost->st_ino = st->st_ino;
        ost->st_mode = st->st_mode & 0xffff;
@@ -201,6 +202,7 @@
                                off += reclen;
                        continue;
                }
+               memset(&idb, 0, sizeof(idb));
                if (bdp->d_namlen >= sizeof(idb.d_name))
                        idb.d_namlen = sizeof(idb.d_name) - 1;
                else
diff -r 0d935412c23c -r 24990f5e5f69 sys/compat/common/vfs_syscalls_30.c
--- a/sys/compat/common/vfs_syscalls_30.c       Tue Sep 07 11:41:31 2021 +0000
+++ b/sys/compat/common/vfs_syscalls_30.c       Tue Sep 07 11:43:02 2021 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: vfs_syscalls_30.c,v 1.42 2021/08/15 07:57:46 christos Exp $    */
+/*     $NetBSD: vfs_syscalls_30.c,v 1.43 2021/09/07 11:43:02 riastradh Exp $   */
 
 /*-
  * Copyright (c) 2005, 2008 The NetBSD Foundation, Inc.
@@ -29,7 +29,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */


