From 8f4823934bbad984c5cc2961e4f6fc410afb7535 Mon Sep 17 00:00:00 2001 From: Andrew Deason Date: Wed, 4 Feb 2015 10:25:38 -0600 Subject: [PATCH] rx: Zero unitialized uio structs We use some uio structures that were allocated on the stack, but we only initialize them by initializing individual fields. On some platforms (Solaris is one known example, but probably not the only one), there are additional fields we do not initialize. Since we cannot be certain of what any additional fields there may be, just zero the whole thing. This is basically the same change as I0eae0b49a70aee19f3a9ec118b03cfb3a6bd03a3, but in the rx subtree. Reviewed-on: http://gerrit.openafs.org/11711 Tested-by: Andrew Deason Tested-by: BuildBot Reviewed-by: Perry Ruiter Reviewed-by: Jeffrey Altman Reviewed-by: Daria Brashear (cherry picked from commit a762e6871ad6837ee126cec9e63d99388b4bf119) Change-Id: Ie6a2cce500d6a0a7a09c305296f4b34d122d3108 Reviewed-on: http://gerrit.openafs.org/11714 Tested-by: BuildBot Tested-by: Andrew Deason Reviewed-by: Perry Ruiter Reviewed-by: Benjamin Kaduk Reviewed-by: Chas Williams - CONTRACTOR Reviewed-by: Stephan Wiesand --- src/rx/DARWIN/rx_knet.c | 27 ++++++++++++++++----------- src/rx/FBSD/rx_knet.c | 7 +++++++ src/rx/HPUX/rx_knet.c | 6 ++++++ src/rx/IRIX/rx_knet.c | 6 ++++++ src/rx/NBSD/rx_knet.c | 6 ++++++ src/rx/OBSD/rx_knet.c | 6 ++++++ src/rx/SOLARIS/rx_knet.c | 6 ++++++ 7 files changed, 53 insertions(+), 11 deletions(-) diff --git a/src/rx/DARWIN/rx_knet.c b/src/rx/DARWIN/rx_knet.c index 9250df82f..f72c41ab1 100644 --- a/src/rx/DARWIN/rx_knet.c +++ b/src/rx/DARWIN/rx_knet.c @@ -165,6 +165,14 @@ int osi_NetReceive(osi_socket so, struct sockaddr_in *addr, struct iovec *dvec, int nvecs, int *alength) { + int i; + struct iovec iov[RX_MAXIOVECS]; + struct sockaddr *sa = NULL; + int code; + size_t resid; + + int haveGlock = ISAFS_GLOCK(); + #ifdef AFS_DARWIN80_ENV socket_t asocket = (socket_t)so; struct msghdr msg; @@ -174,14 +182,9 @@ osi_NetReceive(osi_socket so, struct sockaddr_in *addr, struct iovec *dvec, #else struct socket *asocket = (struct socket *)so; struct uio u; + memset(&u, 0, sizeof(u)); #endif - int i; - struct iovec iov[RX_MAXIOVECS]; - struct sockaddr *sa = NULL; - int code; - size_t resid; - - int haveGlock = ISAFS_GLOCK(); + memset(&iov, 0, sizeof(iov)); /*AFS_STATCNT(osi_NetReceive); */ if (nvecs > RX_MAXIOVECS) @@ -281,6 +284,10 @@ int osi_NetSend(osi_socket so, struct sockaddr_in *addr, struct iovec *dvec, int nvecs, afs_int32 alength, int istack) { + afs_int32 code; + int i; + struct iovec iov[RX_MAXIOVECS]; + int haveGlock = ISAFS_GLOCK(); #ifdef AFS_DARWIN80_ENV socket_t asocket = (socket_t)so; struct msghdr msg; @@ -288,11 +295,9 @@ osi_NetSend(osi_socket so, struct sockaddr_in *addr, struct iovec *dvec, #else struct socket *asocket = (struct socket *)so; struct uio u; + memset(&u, 0, sizeof(u)); #endif - afs_int32 code; - int i; - struct iovec iov[RX_MAXIOVECS]; - int haveGlock = ISAFS_GLOCK(); + memset(&iov, 0, sizeof(iov)); AFS_STATCNT(osi_NetSend); if (nvecs > RX_MAXIOVECS) diff --git a/src/rx/FBSD/rx_knet.c b/src/rx/FBSD/rx_knet.c index fef1d4f65..1e8a013c9 100644 --- a/src/rx/FBSD/rx_knet.c +++ b/src/rx/FBSD/rx_knet.c @@ -26,6 +26,10 @@ osi_NetReceive(osi_socket asocket, struct sockaddr_in *addr, int code; int haveGlock = ISAFS_GLOCK(); + + memset(&u, 0, sizeof(u)); + memset(&iov, 0, sizeof(iov)); + /*AFS_STATCNT(osi_NetReceive); */ if (nvecs > RX_MAXIOVECS) @@ -137,6 +141,9 @@ osi_NetSend(osi_socket asocket, struct sockaddr_in *addr, struct iovec *dvec, struct uio u; int haveGlock = ISAFS_GLOCK(); + memset(&u, 0, sizeof(u)); + memset(&iov, 0, sizeof(iov)); + AFS_STATCNT(osi_NetSend); if (nvecs > RX_MAXIOVECS) osi_Panic("osi_NetSend: %d: Too many iovecs.\n", nvecs); diff --git a/src/rx/HPUX/rx_knet.c b/src/rx/HPUX/rx_knet.c index c797cfd23..8ea0263cb 100644 --- a/src/rx/HPUX/rx_knet.c +++ b/src/rx/HPUX/rx_knet.c @@ -225,6 +225,9 @@ osi_NetSend(struct socket *asocket, struct sockaddr_in *addr, int code; int size = sizeof(struct sockaddr_in); + memset(&uio, 0, sizeof(uio)); + memset(&temp, 0, sizeof(temp)); + /* Guess based on rxk_NewSocket */ bp = allocb((size + SO_MSGOFFSET + 1), BPRI_MED); if (!bp) @@ -258,6 +261,9 @@ osi_NetReceive(osi_socket so, struct sockaddr_in *addr, struct iovec *dvec, int flags = 0; MBLKP bp, sp; + memset(&tuio, 0, sizeof(tuio)); + memset(&tmpvec, 0, sizeof(tempvec)); + if (nvecs > RX_MAXWVECS + 2) { osi_Panic("Too many (%d) iovecs passed to osi_NetReceive\n", nvecs); } diff --git a/src/rx/IRIX/rx_knet.c b/src/rx/IRIX/rx_knet.c index 421609d33..fe9e9c716 100644 --- a/src/rx/IRIX/rx_knet.c +++ b/src/rx/IRIX/rx_knet.c @@ -57,6 +57,9 @@ osi_NetReceive(osi_socket so, struct sockaddr_in *addr, struct iovec *dvec, BHV_PDATA(&bhv) = (void *)so; #endif + memset(&tuio, 0, sizeof(tuio)); + memset(&tmpvec, 0, sizeof(tmpvec)); + tuio.uio_iov = tmpvec; tuio.uio_iovcnt = nvecs; tuio.uio_offset = 0; @@ -429,6 +432,9 @@ osi_NetSend(asocket, addr, dvec, nvec, asize, istack) int i; bhv_desc_t bhv; + memset(&tuio, 0, sizeof(tuio)); + memset(&tvecs, 0, sizeof(tvecs)); + if (nvec > RX_MAXWVECS + 1) { osi_Panic("osi_NetSend: %d: Too many iovecs.\n", nvec); } diff --git a/src/rx/NBSD/rx_knet.c b/src/rx/NBSD/rx_knet.c index f4cb55873..5b3c5f856 100644 --- a/src/rx/NBSD/rx_knet.c +++ b/src/rx/NBSD/rx_knet.c @@ -24,6 +24,9 @@ osi_NetReceive(osi_socket asocket, struct sockaddr_in *addr, int glocked = ISAFS_GLOCK(); + memset(&u, 0, sizeof(u)); + memset(&iov, 0, sizeof(iov)); + if (nvecs > RX_MAXIOVECS) osi_Panic("osi_NetReceive: %d: too many iovecs\n", nvecs); @@ -89,6 +92,9 @@ osi_NetSend(osi_socket asocket, struct sockaddr_in *addr, struct iovec *dvec, struct mbuf *nam; int glocked = ISAFS_GLOCK(); + memset(&u, 0, sizeof(u)); + memset(&iov, 0, sizeof(iov)); + AFS_STATCNT(osi_NetSend); if (nvecs > RX_MAXIOVECS) osi_Panic("osi_NetSend: %d: Too many iovecs.\n", nvecs); diff --git a/src/rx/OBSD/rx_knet.c b/src/rx/OBSD/rx_knet.c index 569caac46..9e61c33d6 100644 --- a/src/rx/OBSD/rx_knet.c +++ b/src/rx/OBSD/rx_knet.c @@ -24,6 +24,9 @@ osi_NetReceive(osi_socket asocket, struct sockaddr_in *addr, int haveGlock = ISAFS_GLOCK(); + memset(&u, 0, sizeof(u)); + memset(&iov, 0, sizeof(iov)); + if (nvecs > RX_MAXIOVECS) osi_Panic("osi_NetReceive: %d: too many iovecs\n", nvecs); @@ -92,6 +95,9 @@ osi_NetSend(osi_socket asocket, struct sockaddr_in *addr, struct iovec *dvec, struct mbuf *nam; int haveGlock = ISAFS_GLOCK(); + memset(&u, 0, sizeof(u)); + memset(&iov, 0, sizeof(iov)); + AFS_STATCNT(osi_NetSend); if (nvecs > RX_MAXIOVECS) osi_Panic("osi_NetSend: %d: Too many iovecs.\n", nvecs); diff --git a/src/rx/SOLARIS/rx_knet.c b/src/rx/SOLARIS/rx_knet.c index 2118e0483..19df875c5 100644 --- a/src/rx/SOLARIS/rx_knet.c +++ b/src/rx/SOLARIS/rx_knet.c @@ -491,6 +491,9 @@ osi_NetSend(osi_socket asocket, struct sockaddr_in *addr, struct iovec *dvec, int error; int i; + memset(&uio, 0, sizeof(uio)); + memset(&iov, 0, sizeof(iov)); + if (nvecs > RX_MAXIOVECS) { osi_Panic("osi_NetSend: %d: Too many iovecs.\n", nvecs); } @@ -531,6 +534,9 @@ osi_NetReceive(osi_socket so, struct sockaddr_in *addr, struct iovec *dvec, int error; int i; + memset(&uio, 0, sizeof(uio)); + memset(&iov, 0, sizeof(iov)); + if (nvecs > RX_MAXIOVECS) { osi_Panic("osi_NetSend: %d: Too many iovecs.\n", nvecs); } -- 2.39.5