On Tue, Jun 6, 2017 at 10:36 PM, David Miller <da...@davemloft.net> wrote:
> From: Alexander Potapenko <gli...@google.com>
> Date: Tue, 6 Jun 2017 15:56:54 +0200
>
>> KMSAN reported a use of uninitialized memory in dev_set_alias(),
>> which was caused by calling strlcpy() (which in turn called strlen())
>> on the user-supplied non-terminated string.
>>
>> Signed-off-by: Alexander Potapenko <gli...@google.com>
>
> We should not be allowing non-NULL terminated strings for the
> IFLA_IFALIAS attribute. It's defined as type NLA_STRING in
> the ifla_policy[] array.

Sorry, I couldn't determine from RFC 2233 whether ifAlias is zero-terminated or not, but looking at validate_nla() I see that NLA_STRING is supposed to be such. I'll check what's going on.

> Please figure out why we aren't enforcing the attribute policy
> properly, rather than adding a workaround.

I guess the string has been previously claimed to be non-terminated here: https://patchwork.ozlabs.org/patch/996/

> Thanks.

--
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Managing Directors: Matthew Scott Sucherman, Paul Terence Manicle
Register court and number: Hamburg, HRB 86891
Registered office: Hamburg
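The hazard the thread turns on is a consumer calling strlen() (through strlcpy()) on a netlink payload that may carry no terminator, so the read runs past the attribute. Whether the attribute policy should guarantee a terminator is the question left open above; on the consumer side, the defensive pattern is to treat the payload as a length-delimited byte string. The following is an added example, not code from the thread or from the kernel: the attribute struct, the 256-byte bound, and the helper names are all constructed for illustration. It copies only `len` bytes, drops a terminator the sender did include, truncates over-long input, and terminates the result itself.

```c
#include <stdio.h>
#include <string.h>

/* Alias buffer size. Assumed for this example (the kernel has its own
 * constant for the interface alias; this one is local to the demo). */
#define ALIAS_BUF_SZ 256

/* Stand-in for a netlink attribute payload: a pointer and a length.
 * Constructed for this example; a real attribute also carries a header. */
struct attr {
    const unsigned char *data;
    size_t len;
};

/*
 * Copy an alias out of a possibly unterminated attribute. The only length
 * consulted is a->len, so no byte past the payload is ever read; a
 * terminator the sender did include is dropped, over-long input is cut at
 * ALIAS_BUF_SZ - 1, and the output is always NUL-terminated.
 * Returns the number of alias bytes stored.
 */
static size_t set_alias_bounded(char *out, const struct attr *a)
{
    size_t len = a->len;

    if (len > 0 && a->data[len - 1] == '\0')
        len--;                        /* sender-supplied terminator */
    if (len > ALIAS_BUF_SZ - 1)
        len = ALIAS_BUF_SZ - 1;       /* leave room for our own NUL */

    memcpy(out, a->data, len);
    out[len] = '\0';
    return len;
}

/*
 * Scenario 1: payload with no terminator, followed in memory by non-zero
 * bytes. A strlen()-based copy would walk into the 0xff padding and beyond;
 * the bounded copy stops at a.len. Returns 1 on the expected result.
 */
static int check_unterminated(void)
{
    /* Constructed: 11 alias bytes, then padding that contains no NUL. */
    static const unsigned char raw[] = {
        'e', 't', 'h', '0', ' ', 'u', 'p', 'l', 'i', 'n', 'k',
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
    };
    struct attr a = { raw, 11 };
    char out[ALIAS_BUF_SZ];
    size_t n = set_alias_bounded(out, &a);

    return n == 11 && strcmp(out, "eth0 uplink") == 0;
}

/* Scenario 2: the sender included the NUL; it must not count as alias data. */
static int check_trailing_nul(void)
{
    static const unsigned char raw[] = { 'l', 'a', 'n', '\0' };
    struct attr a = { raw, sizeof raw };
    char out[ALIAS_BUF_SZ];
    size_t n = set_alias_bounded(out, &a);

    return n == 3 && strcmp(out, "lan") == 0;
}

/* Scenario 3: an over-long payload is truncated and still terminated. */
static int check_truncation(void)
{
    unsigned char raw[ALIAS_BUF_SZ + 50];
    struct attr a = { raw, sizeof raw };
    char out[ALIAS_BUF_SZ];
    size_t n;

    memset(raw, 'A', sizeof raw);
    n = set_alias_bounded(out, &a);

    return n == ALIAS_BUF_SZ - 1 && strlen(out) == ALIAS_BUF_SZ - 1;
}

int main(void)
{
    printf("unterminated: %s\n", check_unterminated() ? "ok" : "FAIL");
    printf("trailing NUL: %s\n", check_trailing_nul() ? "ok" : "FAIL");
    printf("truncation:   %s\n", check_truncation() ? "ok" : "FAIL");
    return 0;
}
```

The design point is that the attribute length, not the payload contents, is the only source of truth for how many bytes may be read; strlen() on user-controlled data is only safe once the copy above has placed the terminator.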