Re: [PATCH] net/sctp: use memset avoid infoleaks

From: Jakub Kicinski
Date: Thu Mar 03 2022 - 01:18:47 EST


On Tue, 1 Mar 2022 08:18:55 +0000 cgel.zte@xxxxxxxxx wrote:
> From: Minghao Chi (CGEL ZTE) <chi.minghao@xxxxxxxxxx>
>
> Use memset to initialize structs to preventing infoleaks
> in sctp_auth_chunk_verify

Please explain where it's leaked to. Looks like a parameter structure
that's used by the called but not copied anywhere.

> diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c
> index cc544a97c4af..7ff16d12e0c5 100644
> --- a/net/sctp/sm_statefuns.c
> +++ b/net/sctp/sm_statefuns.c
> @@ -652,6 +652,7 @@ static bool sctp_auth_chunk_verify(struct net *net, struct sctp_chunk *chunk,
> return false;
>
> /* set-up our fake chunk so that we can process it */
> + memset(&auth, 0x0, sizeof(auth));
> auth.skb = chunk->auth_chunk;
> auth.asoc = chunk->asoc;
> auth.sctp_hdr = chunk->sctp_hdr;