diff options
| author | Mark Johnston <markj@FreeBSD.org> | 2024-11-03 14:36:39 +0000 |
|---|---|---|
| committer | Mark Johnston <markj@FreeBSD.org> | 2024-11-03 16:46:53 +0000 |
| commit | 4ee6a830d6c191c1c420b6764a4d388f756168d3 (patch) | |
| tree | 68d195b98fb80ea66a55b0d0ff0a9ee5ee175545 | |
| parent | 5169d4307eb9c8b7bb0bd46d600012bcc12cbdae (diff) | |
| download | src-4ee6a830d6c1.tar.gz src-4ee6a830d6c1.zip | |
pf: Fix a use of an uninitialized variable
pf_find_state_all() expects the caller to initialize "*more" if it is
non-NULL, but pf_handle_natlook() didn't obey this protocol. Follow the
pattern from OpenBSD and initialize it in the caller.
Also make pf_find_state_all() unconditionally initialize "*more" for
good measure.
Fixes: 71d3c7041d70 ("pf: convert DIOCNATLOOK to netlink")
Reported by: KMSAN
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D47405
| -rw-r--r-- | sys/netpfil/pf/pf.c | 3 | ||||
| -rw-r--r-- | sys/netpfil/pf/pf_nl.c | 2 |
2 files changed, 4 insertions, 1 deletions
diff --git a/sys/netpfil/pf/pf.c b/sys/netpfil/pf/pf.c index a98baeb4bdec..17614e1a9995 100644 --- a/sys/netpfil/pf/pf.c +++ b/sys/netpfil/pf/pf.c @@ -1798,6 +1798,9 @@ pf_find_state_all(const struct pf_state_key_cmp *key, u_int dir, int *more) struct pf_kstate *s, *ret = NULL; int idx, inout = 0; + if (more != NULL) + *more = 0; + pf_counter_u64_add(&V_pf_status.fcounters[FCNT_STATE_SEARCH], 1); kh = &V_pf_keyhash[pf_hashkey((const struct pf_state_key *)key)]; diff --git a/sys/netpfil/pf/pf_nl.c b/sys/netpfil/pf/pf_nl.c index 67047a319fb8..1da9bead394b 100644 --- a/sys/netpfil/pf/pf_nl.c +++ b/sys/netpfil/pf/pf_nl.c @@ -1264,7 +1264,7 @@ pf_handle_natlook(struct nlmsghdr *hdr, struct nl_pstate *npt) struct pf_state_key *sk; struct pf_kstate *state; struct genlmsghdr *ghdr_new; - int error, m; + int error, m = 0; int sidx, didx; error = nl_parse_nlmsg(hdr, &natlook_parser, npt, &attrs); |