diff --git a/SOURCES/0001-libmnl-zero-attribute-padding.patch b/SOURCES/0001-libmnl-zero-attribute-padding.patch
new file mode 100644
index 0000000..26a48ba
--- /dev/null
+++ b/SOURCES/0001-libmnl-zero-attribute-padding.patch
@@ -0,0 +1,49 @@
+From 387193faf4e8216ef201f2c685f69f6fa766ec46 Mon Sep 17 00:00:00 2001
+From: Florian Westphal
+Date: Sun, 18 Mar 2018 19:33:27 +0100
+Subject: [PATCH] libmnl: zero attribute padding
+
+Sergei Trofimovich reports 'uninitialized bytes' warnings from nftables:
+
+Syscall param sendmsg(msg.msg_iov[0]) points to uninitialised byte(s)
+ at 0x55B9EFB: sendmsg (in /lib64/libc-2.25.so)
+ by 0x43E658: mnl_nft_socket_sendmsg (mnl.c:239)
+ by 0x43E658: mnl_batch_talk (mnl.c:254)
+ by 0x407898: nft_netlink (libnftables.c:58)
+ by 0x407898: nft_run (libnftables.c:96)
+ by 0x407CD5: nft_run_cmd_from_buffer (libnftables.c:291)
+ by 0x406EDE: main (main.c:274)
+
+This is harmless, the uninitialized memory is the padding
+that sometimes needs to be inserted between end of an attribute
+and the beginning of the new attribute.
+
+Zero it to silence memory sanitizer output.
+
+Signed-off-by: Florian Westphal
+Acked-by: Pablo Neira Ayuso
+(cherry picked from commit 37c876b55a2c00424ccda5a300ab5fdec1d88b22)
+---
+ src/attr.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/attr.c b/src/attr.c
+index 4f131874c11e4..0359ba959d7a0 100644
+--- a/src/attr.c
++++ b/src/attr.c
+@@ -412,10 +412,15 @@ void mnl_attr_put(struct nlmsghdr *nlh, uint16_t type, size_t len,
+ {
+ struct nlattr *attr = mnl_nlmsg_get_payload_tail(nlh);
+ uint16_t payload_len = MNL_ALIGN(sizeof(struct nlattr)) + len;
++ int pad;
+ 
+ attr->nla_type = type;
+ attr->nla_len = payload_len;
+ memcpy(mnl_attr_get_payload(attr), data, len);
++ pad = MNL_ALIGN(len) - len;
++ if (pad > 0)
++ memset(mnl_attr_get_payload(attr) + len, 0, pad);
++
+ nlh->nlmsg_len += MNL_ALIGN(payload_len);
+ }
+ 
diff --git a/SPECS/libmnl.spec b/SPECS/libmnl.spec
index 874d104..f6e764d 100644
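Review bot: `payload_len` is a `uint16_t` computed from a `size_t len`, so in the context line `uint16_t payload_len = MNL_ALIGN(sizeof(struct nlattr)) + len;` a large `len` is silently truncated, while `memcpy` and the newly added `memset(mnl_attr_get_payload(attr) + len, 0, pad)` still use the full `len`. In that case `nla_len` and the `nlmsg_len` advance would no longer match the bytes actually written, and nothing visible in this function bounds the write against the buffer size. The patch does not touch this; consider documenting the limit above the function, e.g. `/* len must not exceed UINT16_MAX - MNL_ALIGN(sizeof(struct nlattr)); the buffer must have room for the aligned attribute */`, or rejecting an oversized `len` before the copy. Separately, a one-line comment on the `memset` such as `/* zero the alignment padding so stale buffer bytes are not passed to sendmsg() */` would record why it is there. The end of the parameter list and all callers are outside the hunk, so the limit may already be enforced elsewhere.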
--- a/SPECS/libmnl.spec +++ b/SPECS/libmnl.spec @@ -1,12 +1,14 @@ Name: libmnl Version: 1.0.4 -Release: 15%{?dist} +Release: 16%{?dist} Summary: A minimalistic Netlink library License: LGPLv2+ URL: http://netfilter.org/projects/libmnl Source0: http://netfilter.org/projects/libmnl/files/%{name}-%{version}.tar.bz2 +Patch01: 0001-libmnl-zero-attribute-padding.patch + BuildRequires: gcc BuildRequires: make @@ -35,7 +37,7 @@ The %{name}-static package contains static libraries for devleoping applications %prep -%setup -q +%autosetup -p1 %build @@ -69,6 +71,9 @@ mv examples examples-%{_arch} %{_libdir}/*.a %changelog +* Thu May 09 2024 Phil Sutter - 1.0.4-16 +- libmnl: zero attribute padding + * Mon Aug 09 2021 Mohan Boddu - 1.0.4-15 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688