Re: PATCH: uninitialized memory access in tcp_parse_options
From: David Miller <davem@davemloft.net>
Date: 2010-06-29 04:22:28
From: Eric Dumazet <redacted> Date: Sat, 26 Jun 2010 07:58:04 +0200
If you want to avoid valgrind false positive at this point, without introducing bug for other tcp_parse_options() callers, a better fix would be following patch. Thanksdiff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c index 794c2e1..4e758ac 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c@@ -520,14 +520,13 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb, struct request_sock *req, struct request_sock **prev) { - struct tcp_options_received tmp_opt; + struct tcp_options_received tmp_opt = {0}; u8 *hash_location; struct sock *child;
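Review bot: the `= {0}` initializer on `tmp_opt` at the top of tcp_check_req() zero-fills the whole struct tcp_options_received on every call, yet nothing in the hunk says which member is actually read before tcp_parse_options() writes it. Consider assigning only that member just before the call, or at least adding a comment next to the declaration naming the field the initializer is meant to cover, so the cost on this path is bounded and the intent survives later edits. The hunk header (14 lines to 13) also implies a line is removed further down that is not shown here, so the rest of the change needs to be visible before it can be judged.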
That's a 28 byte memset() in the connect fast-path. We shouldn't eat this just to placate a valgrind miscue. :-)