On Tue, 1 Mar 2022 08:18:55 +0000 cgel.zte@xxxxxxxxx wrote: > From: Minghao Chi (CGEL ZTE) <chi.minghao@xxxxxxxxxx> > > Use memset to initialize structs to preventing infoleaks > in sctp_auth_chunk_verify Please explain where it's leaked to. Looks like a parameter structure that's used by the called but not copied anywhere. > diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c > index cc544a97c4af..7ff16d12e0c5 100644 > --- a/net/sctp/sm_statefuns.c > +++ b/net/sctp/sm_statefuns.c > @@ -652,6 +652,7 @@ static bool sctp_auth_chunk_verify(struct net *net, struct sctp_chunk *chunk, > return false; > > /* set-up our fake chunk so that we can process it */ > + memset(&auth, 0x0, sizeof(auth)); > auth.skb = chunk->auth_chunk; > auth.asoc = chunk->asoc; > auth.sctp_hdr = chunk->sctp_hdr;
