[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHC9VhSmxfpGpVkHvu=HmATm8+uRkdyo8bgrU8XJAK_h3K3dhA@mail.gmail.com>
Date: Mon, 25 Mar 2019 10:14:44 -0400
From: Paul Moore <paul@...l-moore.com>
To: Arnd Bergmann <arnd@...db.de>
Cc: Stephen Smalley <sds@...ho.nsa.gov>,
Eric Paris <eparis@...isplace.org>, selinux@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] [v2] selinux: avoid uninitialized variable warning
On Mon, Mar 25, 2019 at 8:40 AM Arnd Bergmann <arnd@...db.de> wrote:
> clang correctly points out a code path that would lead
> to an uninitialized variable use:
>
> security/selinux/netlabel.c:310:6: error: variable 'addr' is used uninitialized whenever 'if' condition is false
> [-Werror,-Wsometimes-uninitialized]
> if (ip_hdr(skb)->version == 4) {
> ^~~~~~~~~~~~~~~~~~~~~~~~~
> security/selinux/netlabel.c:322:40: note: uninitialized use occurs here
> rc = netlbl_conn_setattr(ep->base.sk, addr, &secattr);
> ^~~~
> security/selinux/netlabel.c:310:2: note: remove the 'if' if its condition is always true
> if (ip_hdr(skb)->version == 4) {
> ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> security/selinux/netlabel.c:291:23: note: initialize the variable 'addr' to silence this warning
> struct sockaddr *addr;
> ^
> = NULL
>
> This is probably harmless since we should not see ipv6 packets
> of CONFIG_IPV6 is disabled, but it's better to rearrange the code
> so this cannot happen.
>
> Link: https://lore.kernel.org/patchwork/patch/1053663/
> Signed-off-by: Arnd Bergmann <arnd@...db.de>
> ---
> v2: revise after discussing with Paul Moore
> ---
> security/selinux/netlabel.c | 14 +++++---------
> 1 file changed, 5 insertions(+), 9 deletions(-)
>
> diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c
> index 186e727b737b..fb4351733450 100644
> --- a/security/selinux/netlabel.c
> +++ b/security/selinux/netlabel.c
> @@ -288,11 +288,8 @@ int selinux_netlbl_sctp_assoc_request(struct sctp_endpoint *ep,
> int rc;
> struct netlbl_lsm_secattr secattr;
> struct sk_security_struct *sksec = ep->base.sk->sk_security;
> - struct sockaddr *addr;
> struct sockaddr_in addr4;
> -#if IS_ENABLED(CONFIG_IPV6)
> struct sockaddr_in6 addr6;
> -#endif
>
> if (ep->base.sk->sk_family != PF_INET &&
> ep->base.sk->sk_family != PF_INET6)
> @@ -310,16 +307,15 @@ int selinux_netlbl_sctp_assoc_request(struct sctp_endpoint *ep,
> if (ip_hdr(skb)->version == 4) {
> addr4.sin_family = AF_INET;
> addr4.sin_addr.s_addr = ip_hdr(skb)->saddr;
> - addr = (struct sockaddr *)&addr4;
> -#if IS_ENABLED(CONFIG_IPV6)
> - } else {
> + rc = netlbl_conn_setattr(ep->base.sk, (void*)&addr4, &secattr);
> + } else if (IS_ENABLED(CONFIG_IPV6)) {
I thought we had talked about using an else-if statement like the one
below, is there any reason why you changed it to just the IS_ENABLED()
check? I liked the idea of explicitly checking the IP header version
number before treating the packet as an IPv6 packet.
else if (IS_ENABLED(CONFIG_IPV6) && ip_hdr(skb)->version == 6)
> addr6.sin6_family = AF_INET6;
> addr6.sin6_addr = ipv6_hdr(skb)->saddr;
> - addr = (struct sockaddr *)&addr6;
> -#endif
> + rc = netlbl_conn_setattr(ep->base.sk, (void*)&addr6, &secattr);
> + } else {
> + rc = -EAFNOSUPPORT;
> }
>
> - rc = netlbl_conn_setattr(ep->base.sk, addr, &secattr);
> if (rc == 0)
> sksec->nlbl_state = NLBL_LABELED;
>
> --
> 2.20.0
>
--
paul moore
www.paul-moore.com
Powered by blists - more mailing lists