nfsclient: Avoid copying uninitialized bytes into statfs
ClosedPublic
Actions

Authored by markj on Jul 13 2021, 10:45 PM.

Details

Reviewers

Commits

rG44de1834b53f: nfsclient: Avoid copying uninitialized bytes into statfs

Summary

hst will be nul-terminated but may be followed by uninitialized bytes.
Avoid copying all of them since they are exported to userland via
statfs(2).

Reported by: KMSAN
MFC after: 2 weeks

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

markj created this revision.Jul 13 2021, 10:45 PM

Herald added a subscriber: imp. · View Herald TranscriptJul 13 2021, 10:45 PM

markj requested review of this revision.Jul 13 2021, 10:45 PM

Harbormaster completed remote builds in B40458: Diff 92161.Jul 13 2021, 10:45 PM

This looks ok to me. It does assume that "mnt_stat" is initialized '0', but that is the case.

Alternately, you could add M_ZERO to the malloc() for hst, and then it doesn't matter
if mnt_stat is properly initialized.

I'll let you decide which you prefer.

This revision is now accepted and ready to land.Jul 13 2021, 11:45 PM

In D31167#701453, @rmacklem wrote:

This looks ok to me. It does assume that "mnt_stat" is initialized '0', but that is the case.

Alternately, you could add M_ZERO to the malloc() for hst, and then it doesn't matter
if mnt_stat is properly initialized.

I'll let you decide which you prefer.

I thought about using M_ZERO but I think this approach is more internally consistent: there are other strings allocated when mounting that don't require M_ZERO, and NFS itself doesn't care whether the hostname buffer is zeroed.

Closed by commit rG44de1834b53f: nfsclient: Avoid copying uninitialized bytes into statfs (authored by markj). · Explain WhyJul 15 2021, 4:26 PM

This revision was automatically updated to reflect the committed changes.

markj added a commit: rG44de1834b53f: nfsclient: Avoid copying uninitialized bytes into statfs.