From: Mathieu Desnoyers
Date: Sat, 3 Sep 2022 18:44:49 +0000 (-0400)
Subject: Fix: lttng-abi: zero-init counter_conf
X-Git-Url: http://git.lttng.org./?a=commitdiff_plain;h=434e86eea846b33cad57f1d8105089905f541853;p=lttng-modules.git

Fix: lttng-abi: zero-init counter_conf

Both lttng_abi_copy_user_old_counter_conf and lttng_abi_copy_user_counter_conf should zero-init the counter_conf destination argument, else the "dimension->flags" field is uninitialized before being OR'd with flags.

Signed-off-by: Mathieu Desnoyers
Change-Id: Ib2e0ca5871ec6fc9f485ec1b60f362de9568b9d1
---

diff --git a/src/lttng-abi.c b/src/lttng-abi.c
index d91aabea..97fbfe95 100644
--- a/src/lttng-abi.c
+++ b/src/lttng-abi.c
@@ -1306,6 +1306,7 @@ int lttng_abi_copy_user_old_counter_conf(struct lttng_kernel_counter_conf *count
 struct lttng_kernel_counter_dimension *dimension;
 int ret;
+ memset(counter_conf, 0, sizeof(*counter_conf));
 ret = copy_from_user(&old_kcounter_conf, old_ucounter_conf, sizeof(old_kcounter_conf));
 if (ret)
@@ -1355,6 +1356,7 @@ int lttng_abi_copy_user_counter_conf(struct lttng_kernel_counter_conf *counter_c
 struct lttng_kernel_abi_counter_dimension __user *udimension;
 int ret;
+ memset(counter_conf, 0, sizeof(*counter_conf));
 ret = get_user(len, &ucounter_conf->len);
 if (ret)
 return ret;
@@ -3370,7 +3372,7 @@ long lttng_event_notifier_group_ioctl(struct file *file, unsigned int cmd,
 }
 case LTTNG_KERNEL_ABI_OLD_COUNTER:
 {
- struct lttng_kernel_counter_conf counter_conf = {};
+ struct lttng_kernel_counter_conf counter_conf;
 ret = lttng_abi_copy_user_old_counter_conf(&counter_conf, (struct lttng_kernel_abi_old_counter_conf __user *) arg);
@@ -3380,7 +3382,7 @@ long lttng_event_notifier_group_ioctl(struct file *file, unsigned int cmd,
 }
 case LTTNG_KERNEL_ABI_COUNTER:
 {
- struct lttng_kernel_counter_conf counter_conf = {};
+ struct lttng_kernel_counter_conf counter_conf;
 ret = lttng_abi_copy_user_counter_conf(&counter_conf, (struct lttng_kernel_abi_counter_conf __user *) arg);
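Review bot: In the first hunk (lttng_abi_copy_user_old_counter_conf), the context lines directly after the new memset store the result of `copy_from_user()` in `ret` and test `if (ret)`, but that result is the number of bytes left uncopied, not an errno. The statement under `if (ret)` lies outside the hunk, so this is unconfirmed; if it is `return ret;`, a faulting user pointer would make the ioctl return a positive byte count instead of an error. The conventional form is `if (copy_from_user(&old_kcounter_conf, old_ucounter_conf, sizeof(old_kcounter_conf))) return -EFAULT;`. The function body starts before and continues after this hunk.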
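Review bot: The memset added at the top of lttng_abi_copy_user_counter_conf (second hunk), like the identical one in lttng_abi_copy_user_old_counter_conf (first hunk), carries no comment saying that it is now the only initialisation of the caller's struct. The later hunks drop `= {}` from the callers, so a return path added above this line in future would hand back a struct holding stale kernel stack contents. I would put `/* Sole init of the out-parameter; callers pass it uninitialized, keep this before any return. */` above both calls. It is also worth noting there that memset clears padding bytes, which the `= {}` initializer it replaces is not guaranteed to do. Both function bodies extend beyond their hunks.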
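Review bot: In the LTTNG_KERNEL_ABI_OLD_COUNTER case (third hunk), and in the same way in the LTTNG_KERNEL_ABI_COUNTER case (fourth hunk), `counter_conf` becomes an uninitialized stack struct whose contents depend entirely on the first statement of the copy helper. That holds with the helpers as patched here, but nothing at the declaration shows the dependency. Either keep the cheap `= {}` as defence in depth, or annotate the declaration, e.g. `struct lttng_kernel_counter_conf counter_conf; /* zeroed by lttng_abi_copy_user_old_counter_conf() */`. Both case blocks continue outside their hunks, so how `ret` is checked before `counter_conf` is consumed is not visible here.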