Re: KMSAN: uninit-value in tomoyo_check_inet_address

Thu, 16 May 2019 06:20:08 -0700 

From: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
Date: Thu, May 16, 2019 at 3:13 PM
To: syzbot
Cc: <gli...@google.com>, <jmor...@namei.org>,
<linux-kernel@vger.kernel.org>,
<linux-security-mod...@vger.kernel.org>, <se...@hallyn.com>,
<syzkaller-b...@googlegroups.com>, <taked...@nttdata.co.jp>

> On 2019/05/16 21:58, syzbot wrote:
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit:    3b955a40 usb-fuzzer: main usb gadget fuzzer driver
> > git tree:       kmsan
> > console output: https://syzkaller.appspot.com/x/log.txt?x=1027e608a00000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=602468164ccdc30a
> > dashboard link: https://syzkaller.appspot.com/bug?extid=1018d578c410f9f37261
> > compiler:       clang version 9.0.0 (/home/glider/llvm/clang 
> > 06d00afa61eef8f7f501ebdb4e8612ea43ec2d78)
> >
> > Unfortunately, I don't have any reproducer for this crash yet.
>
> This should be already fixed in linux.git.
>
> #syz fix: tomoyo: Check address length before reading address family
>
> commit e6193f78bb689f3f424559bb45f4a091c8b314df
> Author: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
> Date:   Fri Apr 12 19:59:36 2019 +0900
>
>     tomoyo: Check address length before reading address family
>
>     KMSAN will complain if valid address length passed to bind()/connect()/
>     sendmsg() is shorter than sizeof("struct sockaddr"->sa_family) bytes.
>
>     Signed-off-by: Tetsuo Handa <penguin-ker...@i-love.sakura.ne.jp>
>     Signed-off-by: James Morris <jamor...@linux.microsoft.com>
Apparently the fix didn't make it to 5.1, I'll cherry-pick it to KMSAN tree.
OOC, how did you know about this bug?
> --
> You received this message because you are subscribed to the Google Groups 
> "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an 
> email to syzkaller-bugs+unsubscr...@googlegroups.com.
> To view this discussion on the web visit 
> https://groups.google.com/d/msgid/syzkaller-bugs/2b0b9d18-6773-f2dc-ecb2-9f8782d0962a%40i-love.sakura.ne.jp.
> For more options, visit https://groups.google.com/d/optout.



-- 
Alexander Potapenko
Software Engineer

Google Germany GmbH
Erika-Mann-Straße, 33
80636 München

Geschäftsführer: Paul Manicle, Halimah DeLaine Prado
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg

Reply via email to