netlink: Zero-initialize writer structures allocated on the stack

The prevailing pattern seems to be to simply initialize all fields to zero. Without this, it's possible to trigger a branch on uninitialized memory, specifically, when testing nw->ignore_limit in nlmsg_refill_buffer(). Initialize the writer structure in a couple of functions where this is necessary. Reported by: KMSAN Reviewed by: melifaro Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D38213
2023-01-26 10:46:19 -05:00 · 2023-01-26 10:46:19 -05:00 · 7a78ae8865
commit 7a78ae8865
parent 0d0ca120a7
1 changed files with 3 additions and 4 deletions
--- a/sys/netlink/route/rt.c
+++ b/sys/netlink/route/rt.c
@ -336,9 +336,9 @@ static void
 report_operation(uint32_t fibnum, struct rib_cmd_info *rc,
    struct nlpcb *nlp, struct nlmsghdr *hdr)
 {
-	struct nl_writer nw;
-
+	struct nl_writer nw = {};
 	uint32_t group_id = family_to_group(rt_get_family(rc->rc_rt));
+
 	if (nlmsg_get_group_writer(&nw, NLMSG_SMALL, NETLINK_ROUTE, group_id)) {
 		struct route_nhop_data rnd = {
 			.rnd_nhop = rc_get_nhop(rc),
@ -918,10 +918,9 @@ rtnl_handle_getroute(struct nlmsghdr *hdr, struct nlpcb *nlp, struct nl_pstate *
 void
 rtnl_handle_route_event(uint32_t fibnum, const struct rib_cmd_info *rc)
 {
+	struct nl_writer nw = {};
 	int family, nlm_flags = 0;

-	struct nl_writer nw;
-
 	family = rt_get_family(rc->rc_rt);

 	/* XXX: check if there are active listeners first */