| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a2d719a8-da7c-da82-96f7-0b24bd164418@canonical.com>
Date: Tue, 7 Feb 2017 11:25:22 +0000
From: Colin Ian King <colin.king@...onical.com>
To: Roopa Prabhu <roopa@...ulusnetworks.com>
Cc: Nikolay Aleksandrov <nikolay@...ulusnetworks.com>,
"David S. Miller" <davem@...emloft.net>,
bridge@...ts.linux-foundation.org,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: RE: bridge: per vlan dst_metadata netlink support
Hi,
Static analysis with CoverityScan on net/bridge/br_netlink_tunnel.c has
picked up and issue where tb[] is being referenced but contains
uninitialized data.
222 int br_parse_vlan_tunnel_info(struct nlattr *attr,
223 struct vtunnel_info *tinfo)
224 {
1. var_decl: Declaring variable tb without initializer.
225 struct nlattr *tb[IFLA_BRIDGE_VLAN_TUNNEL_MAX + 1];
226 u32 tun_id;
227 u16 vid, flags = 0;
228 int err;
229
230 memset(tinfo, 0, sizeof(*tinfo));
231
CID 1400055 (#1 of 1): Uninitialized pointer read (UNINIT)2.
uninit_use: Using uninitialized value tb[IFLA_BRIDGE_VLAN_TUNNEL_ID].
232 if (!tb[IFLA_BRIDGE_VLAN_TUNNEL_ID] ||
233 !tb[IFLA_BRIDGE_VLAN_TUNNEL_VID])
234 return -EINVAL;
Colin
Powered by blists - more mailing lists