| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CADvbK_fD5H_FmCQX=p5eyN2261BerqR7=1_-LqdehS8o_M9Agg@mail.gmail.com>
Date: Wed, 19 Jul 2017 12:58:56 +1200
From: Xin Long <lucien.xin@...il.com>
To: Alexander Potapenko <glider@...gle.com>
Cc: Dmitriy Vyukov <dvyukov@...gle.com>,
Kostya Serebryany <kcc@...gle.com>,
Eric Dumazet <edumazet@...gle.com>,
David Miller <davem@...emloft.net>,
Vladislav Yasevich <vyasevich@...il.com>,
LKML <linux-kernel@...r.kernel.org>, linux-sctp@...r.kernel.org
Subject: Re: [PATCH] sctp: fully initialize the IPv6 address in sctp_v6_to_addr()
On Wed, Jul 19, 2017 at 3:02 AM, Alexander Potapenko <glider@...gle.com> wrote:
> On Tue, Jul 18, 2017 at 4:55 PM, Alexander Potapenko <glider@...gle.com> wrote:
>> KMSAN reported use of uninitialized sctp_addr->v4.sin_addr.s_addr and
>> sctp_addr->v6.sin6_scope_id in sctp_v6_cmp_addr() (see below).
>> Make sure all fields of an IPv6 address are initialized, which
>> guarantees that the IPv4 fields are also initialized.
> I'm assuming here that the IPv4 address is known to overlap with the
> IPv6 one and doesn't need separate initialization.
>
Ok, addr->v6.sin6_scope_id = 0 will fix the call trace you posted here.
addr->v6.sin6_flowinfo = 0 is to fix uninitialized
sctp_addr->v4.sin_addr.s_addr,
I couldn't see how this happens, can you also post the call trace for
v4.sin_addr.s_addr ?
Thanks
Powered by blists - more mailing lists