| author | Eric Paris <eparis@redhat.com> | 2012-02-23 10:52:07 -0500 |
|---|---|---|
| committer | Paul Moore <pmoore@redhat.com> | 2012-02-23 13:31:07 -0500 |
| commit | d0b432e69bacd73fa5abc0f722c52ae8f81c911f (patch) | |
| tree | fa96933e85243d019773738da3c5d53a27b04bbe /.gitignore | |
| parent | 705b9c72e4ea26ff61cc06919cc60bf07e05c59b (diff) | |
| download | libseccomp-d0b432e69bacd73fa5abc0f722c52ae8f81c911f.tar.gz | |
bpf: do not hash uninitialized bpf memory
Subtle little bug. struct bpf_instr looks like this in memory:
struct bpf_instr {
uint16_t op; /* 0 2 */
/* XXX 2 bytes hole */
struct bpf_jump jt; /* 4 8 */
struct bpf_jump jf; /* 12 8 */
uint32_t k; /* 20 4 */
};
We have the _BPF_INSTR macro which fills in the instruction field by field.
The problem with filling it in field by field is that the 2 byte hole is
never initialized and can contain random stack garbage. This whole struct
is then memcpy'd into the state from _blk_append. Then the whole struct is
hashed. But now the hash contains the 2 bytes of random crap which wasn't
initialized. Fix this by always zeroing the whole struct in _BPF_INSTR.
Signed-off-by: Eric Paris <eparis@redhat.com>
Signed-off-by: Paul Moore <pmoore@redhat.com>
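The padding hole the message describes, shown as an added C example that is not libseccomp's own code: struct bpf_jump is assumed to be two uint32_t fields so the offsets match the pahole figures above, and FNV-1a stands in for the real instruction hash. Two instructions with identical fields hash differently when filled field by field over different stack garbage, and identically once the whole object is zeroed first.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed stand-in for struct bpf_jump: 8 bytes, 4-byte aligned, so that
 * uint16_t op at offset 0 is followed by a 2-byte hole before jt at offset 4. */
struct bpf_jump { uint32_t tgt; uint32_t type; };
struct bpf_instr {
    uint16_t op;          /* 0  2 */
                          /* 2-byte hole */
    struct bpf_jump jt;   /* 4  8 */
    struct bpf_jump jf;   /* 12 8 */
    uint32_t k;           /* 20 4 */
};

/* Number of padding bytes between op and jt (2 on this layout). */
size_t hole_bytes(void) {
    return offsetof(struct bpf_instr, jt) - sizeof(uint16_t);
}

/* FNV-1a over the raw object bytes, padding included, like hashing the
 * memcpy'd copy in the state would. Stand-in for the real hash. */
static uint32_t hash_bytes(const void *p, size_t n) {
    const unsigned char *b = p;
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= b[i]; h *= 16777619u; }
    return h;
}

/* Old behaviour: assign every field, never touch the hole. */
static void fill_fields(struct bpf_instr *i, uint16_t op, uint32_t k) {
    i->op = op; i->jt.tgt = 0; i->jt.type = 0;
    i->jf.tgt = 0; i->jf.type = 0; i->k = k;
}

/* Fixed behaviour: zero the whole object, then assign the fields. */
static void fill_zeroed(struct bpf_instr *i, uint16_t op, uint32_t k) {
    memset(i, 0, sizeof(*i));
    fill_fields(i, op, k);
}

/* Returns 1 if two identical instructions hash differently because the
 * storage held different (constructed) garbage before the fill. */
static int hashes_differ(void (*fill)(struct bpf_instr *, uint16_t, uint32_t)) {
    struct bpf_instr a, b;
    memset(&a, 0xAA, sizeof a); memset(&b, 0x55, sizeof b); /* simulated stack garbage */
    fill(&a, 0x15, 42); fill(&b, 0x15, 42);
    return hash_bytes(&a, sizeof a) != hash_bytes(&b, sizeof b);
}
int hole_leaks_into_hash(void)      { return hashes_differ(fill_fields); }
int zeroing_makes_hash_stable(void) { return !hashes_differ(fill_zeroed); }
```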