From 801c84ae9518bce9bae13d28b4c15e1e9daf3e4b Mon Sep 17 00:00:00 2001 From: Mark Johnston Date: Thu, 20 Mar 2025 01:33:44 +0000 Subject: [PATCH] netinet: Fix getcred sysctl handlers to do nothing if no input is given These routines were all assuming that the sysctl handler has some new value, but this is not the case. SYSCTL_IN() returns 0 in this scenario, so they were all operating on an uninitialized address. This is mostly harmless, but trips KMSAN checks, so let's fix them. Reviewed by: zlei, rrs, glebius MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D49348 (cherry picked from commit 3ff865c6a7948b2cfc01d7056c619145b696700a) --- sys/netinet/sctp_usrreq.c | 3 ++- sys/netinet/tcp_subr.c | 4 ++++ sys/netinet/udp_usrreq.c | 2 ++ sys/netinet6/sctp6_usrreq.c | 2 ++ sys/netinet6/udp6_usrreq.c | 2 ++ 5 files changed, 12 insertions(+), 1 deletion(-) diff --git a/sys/netinet/sctp_usrreq.c b/sys/netinet/sctp_usrreq.c index 29d63f989e7..4c9239f84df 100644 --- a/sys/netinet/sctp_usrreq.c +++ b/sys/netinet/sctp_usrreq.c @@ -361,8 +361,9 @@ sctp_getcred(SYSCTL_HANDLER_ARGS) /* FIX, for non-bsd is this right? */ vrf_id = SCTP_DEFAULT_VRFID; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); - if (error) return (error); diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index d633bd66034..dcd947384d9 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -2751,6 +2751,8 @@ tcp_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); @@ -2793,6 +2795,8 @@ tcp6_getcred(SYSCTL_HANDLER_ARGS) int mapped = 0; #endif + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index c9d2f3e8ea7..6a3cffc8a05 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -820,6 +820,8 @@ udp_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); diff --git a/sys/netinet6/sctp6_usrreq.c b/sys/netinet6/sctp6_usrreq.c index e38bf2b4ae6..0d59209ceed 100644 --- a/sys/netinet6/sctp6_usrreq.c +++ b/sys/netinet6/sctp6_usrreq.c @@ -375,6 +375,8 @@ sctp6_getcred(SYSCTL_HANDLER_ARGS) vrf_id = SCTP_DEFAULT_VRFID; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error); diff --git a/sys/netinet6/udp6_usrreq.c b/sys/netinet6/udp6_usrreq.c index bd40290da3d..a57ae112877 100644 --- a/sys/netinet6/udp6_usrreq.c +++ b/sys/netinet6/udp6_usrreq.c @@ -609,6 +609,8 @@ udp6_getcred(SYSCTL_HANDLER_ARGS) struct inpcb *inp; int error; + if (req->newptr == NULL) + return (EINVAL); error = priv_check(req->td, PRIV_NETINET_GETCRED); if (error) return (error);