From patchwork Thu Nov 29 10:27:03 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dan Carpenter X-Patchwork-Id: 1005296 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=oracle.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=oracle.com header.i=@oracle.com header.b="pg9WU+A9"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 435DHG14gqz9s47 for ; Thu, 29 Nov 2018 21:27:38 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727879AbeK2Vc2 (ORCPT ); Thu, 29 Nov 2018 16:32:28 -0500 Received: from userp2120.oracle.com ([156.151.31.85]:48348 "EHLO userp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727666AbeK2Vc2 (ORCPT ); Thu, 29 Nov 2018 16:32:28 -0500 Received: from pps.filterd (userp2120.oracle.com [127.0.0.1]) by userp2120.oracle.com (8.16.0.22/8.16.0.22) with SMTP id wATAO9R8034240; Thu, 29 Nov 2018 10:27:13 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oracle.com; h=date : from : to : cc : subject : message-id : mime-version : content-type; s=corp-2018-07-02; bh=vm1BDZyUganD8V/tkgBRHECEUTBzXDdnqp6cxsCrZGg=; b=pg9WU+A9Z2MdpoWjuvvtxNyBjRXoO967adL8MBYvlSi4HBSODD7Chug8TllU4p+tmXE3 vgD0916CiE1ed6Uf3UFZxPKzWMTAK5SO8pxVidj9aEQkLkWBQPzrxZMHFlWzw/0S2Rcr A1VnttUpC9z3b9C5L37Fiq1s0inOl6pW6+/BQ+YMbDuYozbPPc01IHKuJfxqor9HW05V g4VRSUAraEn4zoqbyy/YVYkhVnl6ZIML6tKdfLSBqlPA8D+ndxMcucq5VUM4j0O86UPP l+n7QdAtObCf1Lxa2Zam9ypNnvUL845JSIs23pLtI9XJ2rY8k2ULYN4sgA6el0dBaIyL dQ== Received: from aserv0021.oracle.com (aserv0021.oracle.com [141.146.126.233]) by userp2120.oracle.com with ESMTP id 2nxy9rfc0m-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 29 Nov 2018 10:27:13 +0000 Received: from aserv0121.oracle.com (aserv0121.oracle.com [141.146.126.235]) by aserv0021.oracle.com (8.14.4/8.14.4) with ESMTP id wATARCE4023063 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 29 Nov 2018 10:27:12 GMT Received: from abhmp0007.oracle.com (abhmp0007.oracle.com [141.146.116.13]) by aserv0121.oracle.com (8.14.4/8.13.8) with ESMTP id wATARC2T004436; Thu, 29 Nov 2018 10:27:12 GMT Received: from kili.mountain (/197.157.34.169) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Thu, 29 Nov 2018 02:27:11 -0800 Date: Thu, 29 Nov 2018 13:27:03 +0300 From: Dan Carpenter To: Alexei Starovoitov Cc: Daniel Borkmann , "David S. Miller" , netdev@vger.kernel.org, kernel-janitors@vger.kernel.org Subject: [PATCH net] bpf: uninitialized variables in test code Message-ID: <20181129102703.2huzlalirskjdl4k@kili.mountain> MIME-Version: 1.0 Content-Disposition: inline X-Mailer: git-send-email haha only kidding User-Agent: NeoMutt/20170113 (1.7.2) X-Proofpoint-Virus-Version: vendor=nai engine=5900 definitions=9091 signatures=668686 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1811290091 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Smatch complains that if bpf_test_run() fails with -ENOMEM at the begining then the "duration" is uninitialized. We then copy the unintialized variables to the user inside the bpf_test_finish() function. The functions require CAP_SYS_ADMIN so it's not really an information leak. Fixes: 1cf1cae963c2 ("bpf: introduce BPF_PROG_TEST_RUN command") Signed-off-by: Dan Carpenter Acked-by: Song Liu Reported-by: Dan Carpenter Signed-off-by: Roman Gushchin Reported-by: Dan Carpenter Signed-off-by: Roman Gushchin --- net/bpf/test_run.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/bpf/test_run.c b/net/bpf/test_run.c index c89c22c49015..49304192a031 100644 --- a/net/bpf/test_run.c +++ b/net/bpf/test_run.c @@ -114,7 +114,7 @@ int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr, bool is_l2 = false, is_direct_pkt_access = false; u32 size = kattr->test.data_size_in; u32 repeat = kattr->test.repeat; - u32 retval, duration; + u32 retval, duration = 0; int hh_len = ETH_HLEN; struct sk_buff *skb; struct sock *sk; @@ -196,7 +196,7 @@ int bpf_prog_test_run_xdp(struct bpf_prog *prog, const union bpf_attr *kattr, u32 repeat = kattr->test.repeat; struct netdev_rx_queue *rxqueue; struct xdp_buff xdp = {}; - u32 retval, duration; + u32 retval, duration = 0; void *data; int ret;