Module Name: src
Committed By: riastradh
Date: Fri Aug 5 23:43:46 UTC 2022
Modified Files:
src/sys/kern: kern_entropy.c
Log Message:
entropy: Don't disclose stack garbage in kern.entropy sysctls.
kern.entropy.consolidate and kern.entropy.gather are supposed to be
write-only -- it doesn't make any sense to read from them, but I
suppose it's better to read-as-zero than read-as-stack-secrets!
To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 src/sys/kern/kern_entropy.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/kern/kern_entropy.c
diff -u src/sys/kern/kern_entropy.c:1.56 src/sys/kern/kern_entropy.c:1.57
--- src/sys/kern/kern_entropy.c:1.56 Fri May 13 09:40:02 2022
+++ src/sys/kern/kern_entropy.c Fri Aug 5 23:43:46 2022
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_entropy.c,v 1.56 2022/05/13 09:40:02 riastradh Exp $ */
+/* $NetBSD: kern_entropy.c,v 1.57 2022/08/05 23:43:46 riastradh Exp $ */
/*-
* Copyright (c) 2019 The NetBSD Foundation, Inc.
@@ -75,7 +75,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.56 2022/05/13 09:40:02 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.57 2022/08/05 23:43:46 riastradh Exp $");
#include <sys/param.h>
#include <sys/types.h>
@@ -1291,7 +1291,7 @@ static int
sysctl_entropy_consolidate(SYSCTLFN_ARGS)
{
struct sysctlnode node = *rnode;
- int arg;
+ int arg = 0;
int error;
KASSERT(E->stage == ENTROPY_HOT);
@@ -1317,7 +1317,7 @@ static int
sysctl_entropy_gather(SYSCTLFN_ARGS)
{
struct sysctlnode node = *rnode;
- int arg;
+ int arg = 0;
int error;
KASSERT(E->stage == ENTROPY_HOT);
