From 3ff865c6a7948b2cfc01d7056c619145b696700a Mon Sep 17 00:00:00 2001 From: Mark Johnston Date: Thu, 20 Mar 2025 01:33:44 +0000 Subject: [PATCH] netinet: Fix getcred sysctl handlers to do nothing if no input is given These routines were all assuming that the sysctl handler has some new value, but this is not the case. SYSCTL_IN() returns 0 in this scenario, so they were all operating on an uninitialized address. This is mostly harmless, but trips KMSAN checks, so let's fix them. Reviewed by: zlei, rrs, glebius MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D49348 --- sys/netinet/sctp_usrreq.c | 3 ++- sys/netinet/tcp_subr.c | 4 ++++ sys/netinet/udp_usrreq.c | 2 ++ sys/netinet6/sctp6_usrreq.c | 2 ++ sys/netinet6/udp6_usrreq.c | 2 ++ 5 files changed, 12 insertions(+), 1 deletion(-) diff --git a/sys/netinet/sctp_usrreq.c b/sys/netinet/sctp_usrreq.c index 7fb7ab3418c..94d57225c20 100644 --- a/sys/netinet/sctp_usrreq.c +++ b/sys/netinet/sctp_usrreq.c @@ -361,8 +361,9 @@ sctp_getcred(SYSCTL_HANDLER_ARGS) /* FIX, for non-bsd is this right? */ vrf_id = SCTP_DEFAULT_VRFID; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); - if (error) return (error); diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 03efc759092..f6317815521 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -2698,6 +2698,8 @@ tcp_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); @@ -2740,6 +2742,8 @@ tcp6_getcred(SYSCTL_HANDLER_ARGS) int mapped = 0; #endif + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index b3d980956b6..dafbaf6dc67 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -844,6 +844,8 @@ udp_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); diff --git a/sys/netinet6/sctp6_usrreq.c b/sys/netinet6/sctp6_usrreq.c index c0e758e9e12..8964ccf54c5 100644 --- a/sys/netinet6/sctp6_usrreq.c +++ b/sys/netinet6/sctp6_usrreq.c @@ -375,6 +375,8 @@ sctp6_getcred(SYSCTL_HANDLER_ARGS) vrf_id = SCTP_DEFAULT_VRFID; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c index 40216ad4c42..c44510e3b65 100644 --- a/sys/netinet6/udp6_usrreq.c +++ b/sys/netinet6/udp6_usrreq.c @@ -617,6 +617,8 @@ udp6_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error);