-
Bug
-
Resolution: Done-Errata
-
Undefined
-
rhel-9.5
-
None
-
libmnl-1.0.4-16.el9_4
-
None
-
None
-
Upstream
-
rhel-net-core
-
ssg_networking
-
16
-
None
-
False
-
False
-
-
No
-
Red Hat Enterprise Linux
-
None
-
Unspecified Release Note Type - Unknown
-
-
All
-
None
Testing a series of fixes for libnftnl exposed a problem in libmnl:
mnl_attr_put() in RHEL9 does not zero padding bytes. In combination with
mnl_attr_put_str() not adding the terminating NUL, calls to mnl_attr_get_str()
will return a buffer which may not be correctly terminated.
In practice, this happened with s390x only but the code is not
architecture-specific.
Please backport:
commit 37c876b55a2c00424ccda5a300ab5fdec1d88b22
Author: Florian Westphal <fw@strlen.de>
Date: Sun Mar 18 19:33:27 2018 +0100
libmnl: zero attribute padding
Sergei Trofimovich reports 'uninitialized bytes' warnings from nftables:
Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
at 0x55B9EFB: sendmsg (in /lib64/libc-2.25.so)
by 0x43E658: mnl_nft_socket_sendmsg (mnl.c:239)
by 0x43E658: mnl_batch_talk (mnl.c:254)
by 0x407898: nft_netlink (libnftables.c:58)
by 0x407898: nft_run (libnftables.c:96)
by 0x407CD5: nft_run_cmd_from_buffer (libnftables.c:291)
by 0x406EDE: main (main.c:274)
This is harmless, the uninitialized memory is the padding
that sometimes needs to be inserted between end of an attribute
and the beginning of the new attribute.
Zero it to silence memory sanitizer output.
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Please build into a side-tag, I'll bump libnftnl release and build into the side-tag as well.
- links to
-
RHBA-2024:132385
libmnl update
