3
0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-01 15:49:49 +01:00

netdev: zero out diagnostic info

The info struct is on the stack which leads to the potential
for uninitialized data access. Zero out the info struct prior
to calling the get station callback:

==141137== Conditional jump or move depends on uninitialised value(s)
==141137==    at 0x458A6F: diagnostic_info_to_dict (diagnostic.c:109)
==141137==    by 0x41200B: station_get_diagnostic_cb (station.c:3620)
==141137==    by 0x405BE1: netdev_get_station_cb (netdev.c:4783)
==141137==    by 0x4722F9: process_unicast (genl.c:994)
==141137==    by 0x4722F9: received_data (genl.c:1102)
==141137==    by 0x46F28B: io_callback (io.c:120)
==141137==    by 0x46E5AC: l_main_iterate (main.c:478)
==141137==    by 0x46E65B: l_main_run (main.c:525)
==141137==    by 0x46E65B: l_main_run (main.c:507)
==141137==    by 0x46E86B: l_main_run_with_signal (main.c:647)
==141137==    by 0x403EA8: main (main.c:490)
This commit is contained in:
James Prestwood 2021-04-28 09:21:13 -07:00 committed by Denis Kenzior
parent 8cb61f9aae
commit 11914431bc

View File

@ -4772,6 +4772,8 @@ static void netdev_get_station_cb(struct l_genl_msg *msg, void *user_data)
if (!l_genl_attr_init(&attr, msg)) if (!l_genl_attr_init(&attr, msg))
goto parse_error; goto parse_error;
memset(&info, 0, sizeof(info));
while (l_genl_attr_next(&attr, &type, &len, &data)) { while (l_genl_attr_next(&attr, &type, &len, &data)) {
switch (type) { switch (type) {
case NL80211_ATTR_STA_INFO: case NL80211_ATTR_STA_INFO: