From f91d3ae36c8cdbc65afb3fe517ea68700fa8ed30 Mon Sep 17 00:00:00 2001 From: Donald Sharp Date: Sat, 30 Jan 2021 14:31:47 -0500 Subject: [PATCH] bfdd: Prevent unininited data transmittal Valgrind reports: 2052866-==2052866== 2052866-==2052866== Syscall param sendmsg(msg.msg_name) points to uninitialised byte(s) 2052866:==2052866== at 0x49C8E13: sendmsg (sendmsg.c:28) 2052866-==2052866== by 0x11DC08: bp_udp_send (bfd_packet.c:823) 2052866-==2052866== by 0x11DD76: ptm_bfd_echo_snd (bfd_packet.c:179) 2052866-==2052866== by 0x114C2D: ptm_bfd_echo_xmt_TO (bfd.c:469) 2052866-==2052866== by 0x114C2D: ptm_bfd_echo_start (bfd.c:498) 2052866-==2052866== by 0x114C2D: bs_echo_timer_handler (bfd.c:1199) 2052866-==2052866== by 0x11E478: bfd_recv_cb (bfd_packet.c:702) 2052866-==2052866== by 0x4904846: thread_call (thread.c:1681) 2052866-==2052866== by 0x48CB4DF: frr_run (libfrr.c:1126) 2052866-==2052866== by 0x113044: main (bfdd.c:403) 2052866-==2052866== Address 0x1ffefff3e8 is on thread 1's stack In ptm_bfd_echo_snd, for the v4 case we were memsetting the v6 memory then setting the v4 memory. Just fix it. Signed-off-by: Donald Sharp
---
 bfdd/bfd_packet.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bfdd/bfd_packet.c b/bfdd/bfd_packet.c
index 076318e6ca..12bb52cf67 100644
--- a/bfdd/bfd_packet.c
+++ b/bfdd/bfd_packet.c
@@ -165,7 +165,7 @@ void ptm_bfd_echo_snd(struct bfd_session *bfd)
 salen = sizeof(sin6);
 } else {
 sd = bvrf->bg_echo;
- memset(&sin6, 0, sizeof(sin6));
+ memset(&sin, 0, sizeof(sin));
 sin.sin_family = AF_INET;
 memcpy(&sin.sin_addr, &bfd->key.peer, sizeof(sin.sin_addr));
 sin.sin_port = htons(BFD_DEF_ECHO_PORT);
-- 2.39.5
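Review bot: The `memset(&sin, 0, sizeof(sin));` in the IPv4 branch still depends on each branch clearing its own sockaddr by name, which is the pattern that let the wrong variable be cleared in the first place. The declarations of `sin` and `sin6` are outside the hunk, but zeroing them where they are declared, for example `struct sockaddr_in sin = {0};`, would keep either branch from passing partly initialised stack memory to the send path even if a later edit mixes the two names up again. If the per-branch memset stays, a short comment such as `/* clear padding too: the struct is presumably passed whole as msg_name */` would record why it is there. ptm_bfd_echo_snd starts and ends outside the hunk, so the IPv6 branch and the send call could not be checked.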