When building counter memory in preparation to copy to userland, always

zero the buffers first.  All the current objects appear to be safe,
however future changes might introduce structure pads.
Discussed with guenther, ok bluhm

diff --git a/sys/net/if_pfsync.c b/sys/net/if_pfsync.c
index aa53c5c..80f3787 100644 (file)
--- a/sys/net/if_pfsync.c
+++ b/sys/net/if_pfsync.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: if_pfsync.c,v 1.246 2017/03/11 13:21:16 stsp Exp $    */
+/*     $OpenBSD: if_pfsync.c,v 1.247 2017/04/05 13:35:18 deraadt Exp $ */
 
 /*
  * Copyright (c) 2002 Michael Shalayeff
@@ -2384,6 +2384,7 @@ pfsync_sysctl_pfsyncstat(void *oldp, size_t *oldlenp, void *newp)
        struct pfsyncstats pfsyncstat;
 
        CTASSERT(sizeof(pfsyncstat) == (pfsyncs_ncounters * sizeof(uint64_t)));
+       memset(&pfsyncstat, 0, sizeof pfsyncstat);
        counters_read(pfsynccounters, (uint64_t *)&pfsyncstat,
            pfsyncs_ncounters);
        return (sysctl_rdstruct(oldp, oldlenp, newp,

diff --git a/sys/net/rtsock.c b/sys/net/rtsock.c
index 73814c1..53778a5 100644 (file)
--- a/sys/net/rtsock.c
+++ b/sys/net/rtsock.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: rtsock.c,v 1.235 2017/03/16 10:13:11 mpi Exp $        */
+/*     $OpenBSD: rtsock.c,v 1.236 2017/04/05 13:35:18 deraadt Exp $    */
 /*     $NetBSD: rtsock.c,v 1.18 1996/03/29 00:32:10 cgd Exp $  */
 
 /*
@@ -1642,6 +1642,7 @@ sysctl_rtable(int *name, u_int namelen, void *where, size_t *given, void *new,
                tableid = w.w_arg;
                if (!rtable_exists(tableid))
                        return (ENOENT);
+               memset(&tableinfo, 0, sizeof tableinfo);
                tableinfo.rti_tableid = tableid;
                tableinfo.rti_domainid = rtable_l2(tableid);
                error = sysctl_rdstruct(where, given, new,
@@ -1673,7 +1674,7 @@ sysctl_rtable_rtstat(void *oldp, size_t *oldlenp, void *newp)
        int i;
 
        CTASSERT(sizeof(rtstat) == (nitems(counters) * sizeof(uint32_t)));
-
+       memset(&rtstat, 0, sizeof rtstat);
        counters_read(rtcounters, counters, nitems(counters));
 
        for (i = 0; i < nitems(counters); i++)

diff --git a/sys/netinet/igmp.c b/sys/netinet/igmp.c
index d5c8415..5576f74 100644 (file)
--- a/sys/netinet/igmp.c
+++ b/sys/netinet/igmp.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: igmp.c,v 1.64 2017/02/05 16:23:38 jca Exp $   */
+/*     $OpenBSD: igmp.c,v 1.65 2017/04/05 13:35:18 deraadt Exp $       */
 /*     $NetBSD: igmp.c,v 1.15 1996/02/13 23:41:25 christos Exp $       */
 
 /*
@@ -707,7 +707,7 @@ igmp_sysctl_igmpstat(void *oldp, size_t *oldlenp, void *newp)
        int i;
 
        CTASSERT(sizeof(igmpstat) == (nitems(counters) * sizeof(u_long)));
-
+       memset(&igmpstat, 0, sizeof igmpstat);
        counters_read(igmpcounters, counters, nitems(counters));
 
        for (i = 0; i < nitems(counters); i++)

diff --git a/sys/netinet/ip_carp.c b/sys/netinet/ip_carp.c
index e80f3c2..9944b4a 100644 (file)
--- a/sys/netinet/ip_carp.c
+++ b/sys/netinet/ip_carp.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_carp.c,v 1.304 2017/03/23 14:12:46 bluhm Exp $     */
+/*     $OpenBSD: ip_carp.c,v 1.305 2017/04/05 13:35:18 deraadt Exp $   */
 
 /*
  * Copyright (c) 2002 Michael Shalayeff. All rights reserved.
@@ -729,6 +729,7 @@ carp_sysctl_carpstat(void *oldp, size_t *oldlenp, void *newp)
        struct carpstats carpstat;
 
        CTASSERT(sizeof(carpstat) == (carps_ncounters * sizeof(uint64_t)));
+       memset(&carpstat, 0, sizeof carpstat);
        counters_read(carpcounters, (uint64_t *)&carpstat, carps_ncounters);
        return (sysctl_rdstruct(oldp, oldlenp, newp,
            &carpstat, sizeof(carpstat)));

diff --git a/sys/netinet/ip_divert.c b/sys/netinet/ip_divert.c
index ffa0b3b..1f95bd5 100644 (file)
--- a/sys/netinet/ip_divert.c
+++ b/sys/netinet/ip_divert.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ip_divert.c,v 1.45 2017/03/13 20:18:21 claudio Exp $ */
+/*      $OpenBSD: ip_divert.c,v 1.46 2017/04/05 13:35:18 deraadt Exp $ */
 
 /*
  * Copyright (c) 2009 Michele Marchetto <michele@openbsd.org>
@@ -344,7 +344,7 @@ divert_sysctl_divstat(void *oldp, size_t *oldlenp, void *newp)
        int i;
 
        CTASSERT(sizeof(divstat) == (nitems(counters) * sizeof(u_long)));
-
+       memset(&divstat, 0, sizeof divstat);
        counters_read(divcounters, counters, nitems(counters));
 
        for (i = 0; i < nitems(counters); i++)

diff --git a/sys/netinet/ip_icmp.c b/sys/netinet/ip_icmp.c
index 59bca71..6ec9772 100644 (file)
--- a/sys/netinet/ip_icmp.c
+++ b/sys/netinet/ip_icmp.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_icmp.c,v 1.163 2017/02/07 22:30:16 jmatthew Exp $  */
+/*     $OpenBSD: ip_icmp.c,v 1.164 2017/04/05 13:35:18 deraadt Exp $   */
 /*     $NetBSD: ip_icmp.c,v 1.19 1996/02/13 23:42:22 christos Exp $    */
 
 /*
@@ -929,7 +929,7 @@ icmp_sysctl_icmpstat(void *oldp, size_t *oldlenp, void *newp)
        int i;
 
        CTASSERT(sizeof(icmpstat) == (nitems(counters) * sizeof(u_long)));
-
+       memset(&icmpstat, 0, sizeof icmpstat);
        counters_read(icmpcounters, counters, nitems(counters));
 
        for (i = 0; i < nitems(counters); i++)

diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 3a5990b..4a43563 100644 (file)
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_input.c,v 1.295 2017/02/05 16:23:38 jca Exp $      */
+/*     $OpenBSD: ip_input.c,v 1.296 2017/04/05 13:35:18 deraadt Exp $  */
 /*     $NetBSD: ip_input.c,v 1.30 1996/03/16 23:53:58 christos Exp $   */
 
 /*
@@ -1655,7 +1655,7 @@ ip_sysctl_ipstat(void *oldp, size_t *oldlenp, void *newp)
        int i;
 
        CTASSERT(sizeof(ipstat) == (nitems(counters) * sizeof(u_long)));
-
+       memset(&ipstat, 0, sizeof ipstat);
        counters_read(ipcounters, counters, nitems(counters));
 
        for (i = 0; i < nitems(counters); i++)

diff --git a/sys/netinet/ip_ipip.c b/sys/netinet/ip_ipip.c
index 632a80a..7a47b18 100644 (file)
--- a/sys/netinet/ip_ipip.c
+++ b/sys/netinet/ip_ipip.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ip_ipip.c,v 1.72 2017/03/10 07:29:25 jca Exp $ */
+/*     $OpenBSD: ip_ipip.c,v 1.73 2017/04/05 13:35:18 deraadt Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -603,6 +603,7 @@ ipip_sysctl_ipipstat(void *oldp, size_t *oldlenp, void *newp)
        struct ipipstat ipipstat;
 
        CTASSERT(sizeof(ipipstat) == (ipips_ncounters * sizeof(uint64_t)));
+       memset(&ipipstat, 0, sizeof ipipstat);
        counters_read(ipipcounters, (uint64_t *)&ipipstat, ipips_ncounters);
        return (sysctl_rdstruct(oldp, oldlenp, newp,
            &ipipstat, sizeof(ipipstat)));

diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c
index 272f4eb..ba38eb7 100644 (file)
--- a/sys/netinet/tcp_usrreq.c
+++ b/sys/netinet/tcp_usrreq.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: tcp_usrreq.c,v 1.146 2017/04/02 12:56:39 jca Exp $    */
+/*     $OpenBSD: tcp_usrreq.c,v 1.147 2017/04/05 13:35:18 deraadt Exp $        */
 /*     $NetBSD: tcp_usrreq.c,v 1.20 1996/02/13 23:44:16 christos Exp $ */
 
 /*
@@ -833,6 +833,7 @@ tcp_sysctl_tcpstat(void *oldp, size_t *oldlenp, void *newp)
 
 #define ASSIGN(field)  do { tcpstat.field = counters[i++]; } while (0)
 
+       memset(&tcpstat, 0, sizeof tcpstat);
        counters_read(tcpcounters, counters, nitems(counters));
        ASSIGN(tcps_connattempt);
        ASSIGN(tcps_accepts);

diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c
index 4bf8770..be8f3ca 100644 (file)
--- a/sys/netinet/udp_usrreq.c
+++ b/sys/netinet/udp_usrreq.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: udp_usrreq.c,v 1.232 2017/03/13 20:18:21 claudio Exp $        */
+/*     $OpenBSD: udp_usrreq.c,v 1.233 2017/04/05 13:35:18 deraadt Exp $        */
 /*     $NetBSD: udp_usrreq.c,v 1.28 1996/03/16 23:54:03 christos Exp $ */
 
 /*
@@ -1357,7 +1357,7 @@ udp_sysctl_udpstat(void *oldp, size_t *oldlenp, void *newp)
        int i;
 
        CTASSERT(sizeof(udpstat) == (nitems(counters) * sizeof(u_long)));
-
+       memset(&udpstat, 0, sizeof udpstat);
        counters_read(udpcounters, counters, nitems(counters));
 
        for (i = 0; i < nitems(counters); i++)

diff --git a/sys/netinet6/icmp6.c b/sys/netinet6/icmp6.c
index 88bb835..215d953 100644 (file)
--- a/sys/netinet6/icmp6.c
+++ b/sys/netinet6/icmp6.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: icmp6.c,v 1.203 2017/03/03 13:19:40 bluhm Exp $       */
+/*     $OpenBSD: icmp6.c,v 1.204 2017/04/05 13:35:18 deraadt Exp $     */
 /*     $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */
 
 /*
@@ -1997,7 +1997,7 @@ icmp6_sysctl_icmp6stat(void *oldp, size_t *oldlenp, void *newp)
        int ret;
 
        CTASSERT(sizeof(*icmp6stat) == icp6s_ncounters * sizeof(uint64_t));
-       icmp6stat = malloc(sizeof(*icmp6stat), M_TEMP, M_WAITOK);
+       icmp6stat = malloc(sizeof(*icmp6stat), M_TEMP, M_WAITOK|M_ZERO);
        counters_read(icmp6counters, (uint64_t *)icmp6stat, icp6s_ncounters);
        ret = sysctl_rdstruct(oldp, oldlenp, newp,
            icmp6stat, sizeof(*icmp6stat));