From 031088804f247b1d2cf2263f6c25ee314c0dc528 Mon Sep 17 00:00:00 2001 From: Taylor R Campbell Date: Mon, 9 Aug 2021 15:08:32 +0000 Subject: [PATCH 1/4] compat_netbsd32: Copy out 32-bit version in nfssvc32_nsd_out. --- sys/compat/netbsd32/netbsd32_nfssvc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/compat/netbsd32/netbsd32_nfssvc.c b/sys/compat/netbsd32/netbsd32_nfssvc.c index aacd4ae641e3..91e01393e3e7 100644 --- a/sys/compat/netbsd32/netbsd32_nfssvc.c +++ b/sys/compat/netbsd32/netbsd32_nfssvc.c @@ -134,7 +134,7 @@ nfssvc32_nsd_out(void *argp, const struct nfsd_srvargs *nsd) args32.nsd_key[0] = nsd->nsd_key[0]; args32.nsd_key[1] = nsd->nsd_key[1]; - return copyout(nsd, argp, sizeof *nsd); + return copyout(&args32, argp, sizeof args32); } static int From e7146cf0ac3e60ca9f38b792e9ba368d77a01845 Mon Sep 17 00:00:00 2001 From: Taylor R Campbell Date: Mon, 9 Aug 2021 15:27:58 +0000 Subject: [PATCH 2/4] sys/compat: Don't clobber f_oflags with zero. Mistake was introduced in previous refactoring. --- sys/compat/sys/mount.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sys/compat/sys/mount.h b/sys/compat/sys/mount.h index eaec28c9d324..639c2fadc29d 100644 --- a/sys/compat/sys/mount.h +++ b/sys/compat/sys/mount.h @@ -101,10 +101,12 @@ static __inline void statvfs_to_statfs12(const struct statvfs *fs, struct statfs12 *s12) { size_t i = 0; + + memset(s12, 0, sizeof(*s12)); + s12->f_type = 0; s12->f_oflags = (short)fs->f_flag; - memset(s12, 0, sizeof(*s12)); for (i = 0; i < sizeof(__nv) / sizeof(__nv[0]); i++) { if (strcmp(__nv[i].name, fs->f_fstypename) == 0) { s12->f_type = __nv[i].value; From 823f4a145a5a044ae086f68aa8df2a5433202b50 Mon Sep 17 00:00:00 2001 
From: Taylor R Campbell Date: Mon, 9 Aug 2021 16:03:34 +0000 Subject: [PATCH 3/4] altq: Memset zero before copyout. Just in case of uninitialized padding which would lead to kernel stack disclosure. If the compiler can prove the memset then it can optimize it away; otherwise better safe than sorry. --- sys/altq/altq_hfsc.c | 1 + sys/altq/altq_priq.c | 3 +-- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/altq/altq_hfsc.c b/sys/altq/altq_hfsc.c index 96cfa7f878d4..ef55c0780675 100644 --- a/sys/altq/altq_hfsc.c +++ b/sys/altq/altq_hfsc.c @@ -2182,6 +2182,7 @@ hfsccmd_class_stats(struct hfsc_class_stats *ap) usp = ap->stats; for (n = 0; cl != NULL && n < nclasses; cl = hfsc_nextclass(cl), n++) { + memset(&stats, 0, sizeof(stats)); get_class_stats(&stats, cl); if ((error = copyout((void *)&stats, (void *)usp++, diff --git a/sys/altq/altq_priq.c b/sys/altq/altq_priq.c index 7e8cd57f5a0b..6a04923d343c 100644 --- a/sys/altq/altq_priq.c +++ b/sys/altq/altq_priq.c @@ -958,10 +958,9 @@ priqcmd_class_stats(struct priq_class_stats *ap) usp = ap->stats; for (pri = 0; pri <= pif->pif_maxpri; pri++) { cl = pif->pif_classes[pri]; + memset(&stats, 0, sizeof(stats)); if (cl != NULL) get_class_stats(&stats, cl); - else - memset(&stats, 0, sizeof(stats)); if ((error = copyout((void *)&stats, (void *)usp++, sizeof(stats))) != 0) return (error); From 721df9e5bf52be6c12f13a38ca2fa7cfb8d8f968 Mon Sep 17 00:00:00 2001 
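Review bot: Neither added `memset(&stats, 0, sizeof(stats));` (hfsccmd_class_stats in altq_hfsc.c, priqcmd_class_stats in altq_priq.c) carries a comment saying why it must come before get_class_stats(). The removed lines in altq_priq.c show how the call had ended up confined to the `else` branch. A one-line comment above each memset, such as `/* zero first: padding in stats must not reach userland via copyout */`, would keep it from being dropped later as redundant. Both loops continue outside their hunks.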
From: Taylor R Campbell Date: Mon, 9 Aug 2021 16:04:44 +0000 Subject: [PATCH 4/4] compat: Memset zero before copyout. Just in case of uninitialized padding which would lead to kernel stack disclosure. If the compiler can prove the memset then it can optimize it away; otherwise better safe than sorry. --- sys/compat/common/ieee80211_20.c | 3 + sys/compat/common/if_media_80.c | 3 +- sys/compat/common/kern_info_09.c | 1 + sys/compat/common/kern_info_43.c | 2 + sys/compat/common/kern_resource_43.c | 1 + sys/compat/common/kern_sig_13.c | 3 + sys/compat/common/kern_sig_43.c | 6 ++ sys/compat/common/kern_time_50.c | 2 + sys/compat/common/vfs_syscalls_12.c | 2 + sys/compat/common/vfs_syscalls_30.c | 3 + sys/compat/common/vfs_syscalls_43.c | 1 + sys/compat/freebsd/freebsd_machdep.c | 2 + sys/compat/freebsd/freebsd_misc.c | 1 + sys/compat/freebsd/freebsd_sched.c | 1 + sys/compat/linux/arch/alpha/linux_machdep.c | 4 ++ sys/compat/linux/arch/alpha/linux_osf1.c | 5 +- sys/compat/linux/arch/amd64/linux_machdep.c | 1 + sys/compat/linux/arch/arm/linux_machdep.c | 2 + sys/compat/linux/arch/arm/linux_ptrace.c | 1 + sys/compat/linux/arch/i386/linux_machdep.c | 7 +++ sys/compat/linux/arch/i386/linux_ptrace.c | 1 + sys/compat/linux/arch/m68k/linux_machdep.c | 4 ++ sys/compat/linux/arch/mips/linux_machdep.c | 1 + .../linux/arch/powerpc/linux_exec_powerpc.c | 2 +- sys/compat/linux/arch/powerpc/linux_machdep.c | 1 + sys/compat/linux/arch/powerpc/linux_ptrace.c | 3 +- sys/compat/linux/common/linux_cdrom.c | 2 + sys/compat/linux/common/linux_fdio.c | 1 + sys/compat/linux/common/linux_file.c | 1 + sys/compat/linux/common/linux_hdio.c | 2 + sys/compat/linux/common/linux_misc.c | 3 + sys/compat/linux/common/linux_mtio.c | 1 + sys/compat/linux/common/linux_oldolduname.c | 2 + sys/compat/linux/common/linux_olduname.c | 2 + sys/compat/linux/common/linux_sched.c | 2 + sys/compat/linux/common/linux_signal.c | 8 +++ sys/compat/linux/common/linux_socket.c | 3 + sys/compat/linux/common/linux_time.c | 
2 + .../linux32/arch/amd64/linux32_machdep.c | 2 + .../linux32/common/linux32_exec_elf32.c | 2 + sys/compat/linux32/common/linux32_resource.c | 1 + sys/compat/linux32/common/linux32_signal.c | 2 + sys/compat/linux32/common/linux32_time.c | 6 ++ sys/compat/netbsd32/netbsd32_compat_12.c | 1 + sys/compat/netbsd32/netbsd32_compat_20.c | 2 + sys/compat/netbsd32/netbsd32_compat_43.c | 2 + sys/compat/netbsd32/netbsd32_compat_50.c | 6 ++ sys/compat/netbsd32/netbsd32_conv.h | 60 +++++++++++++++++-- sys/compat/netbsd32/netbsd32_nfssvc.c | 1 + sys/compat/netbsd32/netbsd32_ptrace.c | 3 + sys/compat/netbsd32/netbsd32_signal.c | 3 + sys/compat/netbsd32/netbsd32_time.c | 4 ++ sys/compat/netbsd32/netbsd32_wait.c | 1 + sys/compat/ossaudio/ossaudio.c | 4 ++ sys/compat/sunos/sunos_ioctl.c | 11 ++++ sys/compat/sunos/sunos_misc.c | 3 + sys/compat/sunos32/sunos32_ioctl.c | 17 ++++++ sys/compat/sunos32/sunos32_misc.c | 4 ++ sys/compat/sys/statvfs.h | 3 + sys/compat/sys/time_types.h | 41 +++++++------ sys/compat/ultrix/ultrix_ioctl.c | 9 +++ sys/compat/ultrix/ultrix_misc.c | 5 ++ 62 files changed, 260 insertions(+), 25 deletions(-) diff --git a/sys/compat/common/ieee80211_20.c b/sys/compat/common/ieee80211_20.c index d61b71f388fd..c7f5acd4b291 100644 --- a/sys/compat/common/ieee80211_20.c +++ b/sys/compat/common/ieee80211_20.c @@ -76,6 +76,9 @@ static void ieee80211_get_ostats(struct ieee80211_ostats *ostats, struct ieee80211_stats *stats) { + + memset(ostats, 0, sizeof(*ostats)); + #define COPYSTATS1(__ostats, __nstats, __dstmemb, __srcmemb, __lastmemb)\ (void)memcpy(&(__ostats)->__dstmemb, &(__nstats)->__srcmemb, \ offsetof(struct ieee80211_stats, __lastmemb) - \ diff --git a/sys/compat/common/if_media_80.c b/sys/compat/common/if_media_80.c index 7958577afd24..f0e8fd34a293 100644 --- a/sys/compat/common/if_media_80.c +++ b/sys/compat/common/if_media_80.c 
@@ -141,7 +141,8 @@ compat_ifmediareq_post(struct ifreq *ifr, u_long cmd) * there is no problem to trust ifm_count. */ minwords = ifmr->ifm_count; - kptr = malloc(minwords * sizeof(*kptr), M_TEMP, M_WAITOK); + kptr = malloc(minwords * sizeof(*kptr), M_TEMP, + M_WAITOK|M_ZERO); if (kptr == NULL) return ENOMEM; diff --git a/sys/compat/common/kern_info_09.c b/sys/compat/common/kern_info_09.c index 149a575f4b4c..795760b23b9b 100644 --- a/sys/compat/common/kern_info_09.c +++ b/sys/compat/common/kern_info_09.c @@ -120,6 +120,7 @@ compat_09_sys_uname(struct lwp *l, const char *cp; char *dp, *ep; + memset(&outsname, 0, sizeof(outsname)); strncpy(outsname.sysname, ostype, sizeof(outsname.sysname)); strncpy(outsname.nodename, hostname, sizeof(outsname.nodename)); strncpy(outsname.release, osrelease, sizeof(outsname.release)); diff --git a/sys/compat/common/kern_info_43.c b/sys/compat/common/kern_info_43.c index 81009d191c89..70670f283d4b 100644 --- a/sys/compat/common/kern_info_43.c +++ b/sys/compat/common/kern_info_43.c @@ -263,6 +263,8 @@ compat_43_sys_getkerninfo(struct lwp *l, const struct compat_43_sys_getkerninfo_ break; } + memset(&ksi, 0, sizeof(ksi)); + #define COPY(fld) \ ksi.fld = us - (u_long) usi; \ if ((error = copyoutstr(fld, us, 1024, &len)) != 0)\ diff --git a/sys/compat/common/kern_resource_43.c b/sys/compat/common/kern_resource_43.c index a0730c9ef340..4defba33cc7f 100644 --- a/sys/compat/common/kern_resource_43.c +++ b/sys/compat/common/kern_resource_43.c @@ -77,6 +77,7 @@ compat_43_sys_getrlimit(struct lwp *l, const struct compat_43_sys_getrlimit_args if ((u_int)which >= RLIM_NLIMITS) return (EINVAL); + memset(&olim, 0, sizeof(olim)); olim.rlim_cur = p->p_rlimit[which].rlim_cur; if (olim.rlim_cur == -1) olim.rlim_cur = 0x7fffffff; diff --git a/sys/compat/common/kern_sig_13.c b/sys/compat/common/kern_sig_13.c index 453dbc0d7882..f945de71108c 100644 --- a/sys/compat/common/kern_sig_13.c +++ b/sys/compat/common/kern_sig_13.c 
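Review bot: In compat_09_sys_uname (kern_info_09.c), the three `strncpy` calls pass the full field size, so a source string at least as long as the field leaves it without a terminating NUL in the structure returned to userland. Now that `outsname` is zeroed first, bounding each copy to one byte less, e.g. `strncpy(outsname.nodename, hostname, sizeof(outsname.nodename) - 1);`, guarantees termination. The function continues past the hunk, so a later explicit terminator is possible but not visible here.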
@@ -73,6 +73,7 @@ void native_sigset13_to_sigset(const sigset13_t *oss, sigset_t *ss) { + memset(ss, 0, sizeof(*ss)); ss->__bits[0] = *oss; ss->__bits[1] = 0; ss->__bits[2] = 0; @@ -90,6 +91,7 @@ void native_sigaction13_to_sigaction(const struct sigaction13 *osa, struct sigaction *sa) { + memset(sa, 0, sizeof(*sa)); sa->sa_handler = osa->osa_handler; native_sigset13_to_sigset(&osa->osa_mask, &sa->sa_mask); sa->sa_flags = osa->osa_flags; @@ -99,6 +101,7 @@ void native_sigaction_to_sigaction13(const struct sigaction *sa, struct sigaction13 *osa) { + memset(osa, 0, sizeof(*osa)); osa->osa_handler = sa->sa_handler; native_sigset_to_sigset13(&sa->sa_mask, &osa->osa_mask); osa->osa_flags = sa->sa_flags; diff --git a/sys/compat/common/kern_sig_43.c b/sys/compat/common/kern_sig_43.c index 4aa9e5fb0963..86637953e2e7 100644 --- a/sys/compat/common/kern_sig_43.c +++ b/sys/compat/common/kern_sig_43.c @@ -86,6 +86,7 @@ void compat_43_sigmask_to_sigset(const int *sm, sigset_t *ss) { + memset(ss, 0, sizeof(*ss)); ss->__bits[0] = *sm; ss->__bits[1] = 0; ss->__bits[2] = 0; @@ -102,6 +103,8 @@ compat_43_sigset_to_sigmask(const sigset_t *ss, int *sm) void compat_43_sigvec_to_sigaction(const struct sigvec *sv, struct sigaction *sa) { + + memset(sa, 0, sizeof(*sa)); sa->sa_handler = sv->sv_handler; compat_43_sigmask_to_sigset(&sv->sv_mask, &sa->sa_mask); sa->sa_flags = sv->sv_flags ^ SA_RESTART; @@ -110,6 +113,8 @@ compat_43_sigvec_to_sigaction(const struct sigvec *sv, struct sigaction *sa) void compat_43_sigaction_to_sigvec(const struct sigaction *sa, struct sigvec *sv) { + + memset(sv, 0, sizeof(*sv)); sv->sv_handler = sa->sa_handler; compat_43_sigset_to_sigmask(&sa->sa_mask, &sv->sv_mask); sv->sv_flags = sa->sa_flags ^ SA_RESTART; 
@@ -118,6 +123,7 @@ compat_43_sigaction_to_sigvec(const struct sigaction *sa, struct sigvec *sv) void compat_43_sigstack_to_sigaltstack(const struct sigstack *ss, struct sigaltstack *sa) { + memset(sa, 0, sizeof(*sa)); sa->ss_sp = ss->ss_sp; sa->ss_size = SIGSTKSZ; /* Use the recommended size */ sa->ss_flags = 0; diff --git a/sys/compat/common/kern_time_50.c b/sys/compat/common/kern_time_50.c index 3b37c892f470..5db953f1b026 100644 --- a/sys/compat/common/kern_time_50.c +++ b/sys/compat/common/kern_time_50.c @@ -226,6 +226,7 @@ compat_50_sys_gettimeofday(struct lwp *l, * NetBSD has no kernel notion of time zone, so we just * fake up a timezone struct and return it if demanded. */ + memset(&tzfake, 0, sizeof(tzfake)); tzfake.tz_minuteswest = 0; tzfake.tz_dsttime = 0; error = copyout(&tzfake, SCARG(uap, tzp), sizeof(tzfake)); @@ -458,6 +459,7 @@ compat_50_sys_mq_timedreceive(struct lwp *l, void rusage_to_rusage50(const struct rusage *ru, struct rusage50 *ru50) { + memset(ru50, 0, sizeof(*ru50)); (void)memcpy(&ru50->ru_first, &ru->ru_first, (char *)&ru50->ru_last - (char *)&ru50->ru_first + sizeof(ru50->ru_last)); diff --git a/sys/compat/common/vfs_syscalls_12.c b/sys/compat/common/vfs_syscalls_12.c index 4ec2f1be974a..61c27648f330 100644 --- a/sys/compat/common/vfs_syscalls_12.c +++ b/sys/compat/common/vfs_syscalls_12.c @@ -82,6 +82,7 @@ void compat_12_stat_conv(const struct stat *st, struct stat12 *ost) { + memset(ost, 0, sizeof(*ost)); ost->st_dev = st->st_dev; ost->st_ino = st->st_ino; ost->st_mode = st->st_mode & 0xffff; @@ -201,6 +202,7 @@ again: off += reclen; continue; } + memset(&idb, 0, sizeof(idb)); if (bdp->d_namlen >= sizeof(idb.d_name)) idb.d_namlen = sizeof(idb.d_name) - 1; else diff --git a/sys/compat/common/vfs_syscalls_30.c b/sys/compat/common/vfs_syscalls_30.c index 4ecb96efbdba..aa51428b545e 100644 --- a/sys/compat/common/vfs_syscalls_30.c +++ b/sys/compat/common/vfs_syscalls_30.c 
@@ -85,6 +85,7 @@ static void cvtstat(struct stat13 *ost, const struct stat *st) { + memset(ost, 0, sizeof(*ost)); ost->st_dev = st->st_dev; ost->st_ino = (uint32_t)st->st_ino; ost->st_mode = st->st_mode; @@ -302,6 +303,7 @@ again: error = EINVAL; goto out; } + memset(&idb, 0, sizeof(idb)); if (bdp->d_namlen >= sizeof(idb.d_name)) idb.d_namlen = sizeof(idb.d_name) - 1; else @@ -392,6 +394,7 @@ compat_30_sys_getfh(struct lwp *l, const struct compat_30_sys_getfh_args *uap, sz = sizeof(struct compat_30_fhandle); error = vfs_composefh(vp, (void *)&fh, &sz); vput(vp); + CTASSERT(FHANDLE_SIZE_COMPAT == sizeof(struct compat_30_fhandle)); if (sz != FHANDLE_SIZE_COMPAT) { error = EINVAL; } diff --git a/sys/compat/common/vfs_syscalls_43.c b/sys/compat/common/vfs_syscalls_43.c index 4462e4b0b8e1..f1bfacc7fc76 100644 --- a/sys/compat/common/vfs_syscalls_43.c +++ b/sys/compat/common/vfs_syscalls_43.c @@ -427,6 +427,7 @@ again: off += reclen; continue; } + memset(&idb, 0, sizeof(idb)); if (bdp->d_namlen >= sizeof(idb.d_name)) idb.d_namlen = sizeof(idb.d_name) - 1; else diff --git a/sys/compat/freebsd/freebsd_machdep.c b/sys/compat/freebsd/freebsd_machdep.c index 366b751edc96..7d896c7c7cde 100644 --- a/sys/compat/freebsd/freebsd_machdep.c +++ b/sys/compat/freebsd/freebsd_machdep.c @@ -88,6 +88,8 @@ freebsd_sendsig(const ksiginfo_t *ksi, const sigset_t *mask) fp--; + memset(&frame, 0, sizeof(frame)); + /* Build stack frame for signal trampoline. */ frame.sf_signum = sig; frame.sf_code = code; diff --git a/sys/compat/freebsd/freebsd_misc.c b/sys/compat/freebsd/freebsd_misc.c index d8fe63f74850..8bd050426944 100644 --- a/sys/compat/freebsd/freebsd_misc.c +++ b/sys/compat/freebsd/freebsd_misc.c 
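Review bot: In compat_30_sys_getfh (vfs_syscalls_30.c), `fh` itself is not zeroed: the hunk adds only the CTASSERT on its size, and whether vfs_composefh() writes every byte of the structure, padding included, cannot be seen here. If `fh` is a stack object that is copied out after this point, `memset(&fh, 0, sizeof(fh));` before the vfs_composefh() call would bring it in line with the rest of the patch. The declaration and the copyout are outside the hunk, so it may already be cleared above.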
@@ -183,6 +183,7 @@ freebsd_sys_sigaction4(struct lwp *l, const struct freebsd_sys_sigaction4_args * if (error) return (error); if (SCARG(uap, osa)) { + memset(&oesa, 0, sizeof(oesa)); oesa.freebsd_sa_handler = obsa.sa_handler; oesa.freebsd_sa_mask = obsa.sa_mask; oesa.freebsd_sa_flags = obsa.sa_flags; diff --git a/sys/compat/freebsd/freebsd_sched.c b/sys/compat/freebsd/freebsd_sched.c index e7c4674f58ce..c2ab93200307 100644 --- a/sys/compat/freebsd/freebsd_sched.c +++ b/sys/compat/freebsd/freebsd_sched.c @@ -122,6 +122,7 @@ sched_native2freebsd(int native_policy, const struct sched_param *native_params, if (native_params != NULL && freebsd_params != NULL) { /* XXX: Needs adjustment to do a proper conversion. */ + memset(freebsd_params, 0, sizeof(*freebsd_params)); freebsd_params->sched_priority = native_params->sched_priority; } diff --git a/sys/compat/linux/arch/alpha/linux_machdep.c b/sys/compat/linux/arch/alpha/linux_machdep.c index e9ee45107fe3..29254630658f 100644 --- a/sys/compat/linux/arch/alpha/linux_machdep.c +++ b/sys/compat/linux/arch/alpha/linux_machdep.c @@ -139,6 +139,8 @@ setup_linux_rt_sigframe(struct trapframe *tf, const ksiginfo_t *ksi, sig, &onstack, sfp); #endif /* DEBUG */ + memset(&sigframe, 0, sizeof(sigframe)); + /* * Build the signal context to be used by sigreturn. */ @@ -232,6 +234,8 @@ void setup_linux_sigframe(struct trapframe *tf, const ksiginfo_t *ksi, sig, &onstack, sfp); #endif /* DEBUG */ + memset(&sigframe, 0, sizeof(sigframe)); + /* * Build the signal context to be used by sigreturn. */ diff --git a/sys/compat/linux/arch/alpha/linux_osf1.c b/sys/compat/linux/arch/alpha/linux_osf1.c index 3575281d1d63..5c4a5058aeee 100644 --- a/sys/compat/linux/arch/alpha/linux_osf1.c +++ b/sys/compat/linux/arch/alpha/linux_osf1.c 
@@ -109,6 +109,8 @@ static void osf1_cvt_rusage_from_native(const struct rusage *ru, struct osf1_rusage *oru) { + memset(oru, 0, sizeof(*oru)); + oru->ru_utime.tv_sec = ru->ru_utime.tv_sec; oru->ru_utime.tv_usec = ru->ru_utime.tv_usec; @@ -135,7 +137,7 @@ static void osf1_cvt_statfs_from_native(const struct statvfs *bsfs, struct osf1_statfs *osfs) { - memset(osfs, 0, sizeof (struct osf1_statfs)); + memset(osfs, 0, sizeof(*osfs)); if (!strncmp(MOUNT_FFS, bsfs->f_fstypename, sizeof(bsfs->f_fstypename))) osfs->f_type = OSF1_MOUNT_UFS; else if (!strncmp(MOUNT_NFS, bsfs->f_fstypename, sizeof(bsfs->f_fstypename))) @@ -665,6 +667,7 @@ linux_sys_osf1_usleep_thread(struct lwp *l, const struct linux_sys_osf1_usleep_t if (endtv.tv_sec < 0 || endtv.tv_usec < 0) endtv.tv_sec = endtv.tv_usec = 0; + memset(&endotv, 0, sizeof(endotv)); endotv.tv_sec = endtv.tv_sec; endotv.tv_usec = endtv.tv_usec; error = copyout(&endotv, SCARG(uap, slept), sizeof endotv); diff --git a/sys/compat/linux/arch/amd64/linux_machdep.c b/sys/compat/linux/arch/amd64/linux_machdep.c index b962a8b0f499..6ed6f8e57085 100644 --- a/sys/compat/linux/arch/amd64/linux_machdep.c +++ b/sys/compat/linux/arch/amd64/linux_machdep.c @@ -227,6 +227,7 @@ linux_sendsig(const ksiginfo_t *ksi, const sigset_t *mask) if (fpsp != NULL) { size_t fp_size = sizeof fpregs; /* The netbsd and linux structures both match the fxsave data */ + memset(&fpregs, 0, sizeof(fpregs)); (void)process_read_fpregs(l, &fpregs, &fp_size); error = copyout(&fpregs, fpsp, sizeof(*fpsp)); } diff --git a/sys/compat/linux/arch/arm/linux_machdep.c b/sys/compat/linux/arch/arm/linux_machdep.c index 6fca38b74dfa..e6741261dc0a 100644 --- a/sys/compat/linux/arch/arm/linux_machdep.c +++ b/sys/compat/linux/arch/arm/linux_machdep.c 
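Review bot: In linux_sendsig (linux/arch/amd64/linux_machdep.c), the copyout after the new memset takes its length from the destination, `sizeof(*fpsp)`, while the object that was zeroed and filled is `fpregs`. If the two types ever differ in size, the copy reads past `fpregs` on the kernel stack or leaves part of the user buffer unwritten. The comment says the NetBSD and Linux layouts match, so `CTASSERT(sizeof(*fpsp) == sizeof(fpregs));` would pin that, in the way the CTASSERT added to compat_30_sys_getfh does. The return value of process_read_fpregs() is still discarded, so on failure the caller now receives zeros with no error. Both declarations are outside the hunk.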
@@ -107,6 +107,8 @@ linux_sendsig(const ksiginfo_t *ksi, const sigset_t *mask) /* Build stack frame for signal trampoline. */ + memset(&frame, 0, sizeof(frame)); + /* Save register context. */ frame.sf_sc.sc_r0 = tf->tf_r0; frame.sf_sc.sc_r1 = tf->tf_r1; diff --git a/sys/compat/linux/arch/arm/linux_ptrace.c b/sys/compat/linux/arch/arm/linux_ptrace.c index a8e14eab33b8..159b7ff12e28 100644 --- a/sys/compat/linux/arch/arm/linux_ptrace.c +++ b/sys/compat/linux/arch/arm/linux_ptrace.c @@ -180,6 +180,7 @@ linux_sys_ptrace_arch(struct lwp *l, const struct linux_sys_ptrace_args *uap, if (error) { break; } + memset(linux_regs, 0, sizeof(*linux_regs)); memcpy(linux_regs->uregs, regs->r, 13 * sizeof(register_t)); linux_regs->uregs[LINUX_REG_SP] = regs->r_sp; linux_regs->uregs[LINUX_REG_LR] = regs->r_lr; diff --git a/sys/compat/linux/arch/i386/linux_machdep.c b/sys/compat/linux/arch/i386/linux_machdep.c index 0a6b4272e0b2..b77a1ff985fd 100644 --- a/sys/compat/linux/arch/i386/linux_machdep.c +++ b/sys/compat/linux/arch/i386/linux_machdep.c @@ -252,6 +252,8 @@ linux_rt_sendsig(const ksiginfo_t *ksi, const sigset_t *mask) onstack, fp, sig, tf->tf_eip, ((struct pcb *)lwp_getpcb(l))->pcb_cr2)); + memset(&frame, 0, sizeof(frame)); + /* Build stack frame for signal trampoline. */ frame.sf_handler = catcher; frame.sf_sig = native_to_linux_signo[sig]; @@ -329,6 +331,8 @@ linux_old_sendsig(const ksiginfo_t *ksi, const sigset_t *mask) onstack, fp, sig, tf->tf_eip, ((struct pcb *)lwp_getpcb(l))->pcb_cr2)); + memset(&frame, 0, sizeof(frame)); + /* Build stack frame for signal trampoline. */ frame.sf_handler = catcher; frame.sf_sig = native_to_linux_signo[sig]; @@ -837,6 +841,7 @@ linux_machdepioctl(struct lwp *l, const struct linux_sys_ioctl_args *uap, regist com = VT_OPENQRY; break; case LINUX_VT_GETMODE: + memset(&lvt, 0, sizeof(lvt)); error = fp->f_ops->fo_ioctl(fp, VT_GETMODE, &lvt); if (error != 0) goto out; 
@@ -932,6 +937,7 @@ linux_machdepioctl(struct lwp *l, const struct linux_sys_ioctl_args *uap, regist sectors = label.d_nsectors; } if (com == LINUX_HDIO_GETGEO) { + memset(&hdg, 0, sizeof(hdg)); hdg.start = start; hdg.heads = heads; hdg.cylinders = cylinders; @@ -939,6 +945,7 @@ linux_machdepioctl(struct lwp *l, const struct linux_sys_ioctl_args *uap, regist error = copyout(&hdg, SCARG(uap, data), sizeof hdg); goto out; } else { + memset(&hdg_big, 0, sizeof(hdg_big)); hdg_big.start = start; hdg_big.heads = heads; hdg_big.cylinders = cylinders; diff --git a/sys/compat/linux/arch/i386/linux_ptrace.c b/sys/compat/linux/arch/i386/linux_ptrace.c index 5f41bce017c7..a2d65c6ac606 100644 --- a/sys/compat/linux/arch/i386/linux_ptrace.c +++ b/sys/compat/linux/arch/i386/linux_ptrace.c @@ -223,6 +223,7 @@ linux_sys_ptrace_arch(struct lwp *l, const struct linux_sys_ptrace_args *uap, if (error) { break; } + memset(linux_regs, 0, sizeof(*linux_regs)); linux_regs->ebx = regs->r_ebx; linux_regs->ecx = regs->r_ecx; linux_regs->edx = regs->r_edx; diff --git a/sys/compat/linux/arch/m68k/linux_machdep.c b/sys/compat/linux/arch/m68k/linux_machdep.c index 115f9f2e7c1d..0380bbdfbf6d 100644 --- a/sys/compat/linux/arch/m68k/linux_machdep.c +++ b/sys/compat/linux/arch/m68k/linux_machdep.c @@ -118,6 +118,8 @@ setup_linux_sigframe(struct frame *frame, int sig, const sigset_t *mask, void *u p->p_pid, sig, &ft, fp, &fp->sf_c.c_sc, ft); #endif + memset(&kf, 0, sizeof(kf)); + /* Build stack frame. */ kf.sf_psigtramp = fp->sf_sigtramp; /* return addr for handler */ kf.sf_signum = native_to_linux_signo[sig]; @@ -280,6 +282,8 @@ setup_linux_rt_sigframe(struct frame *frame, int sig, const sigset_t *mask, void p->p_pid, sig, &ft, fp, &fp->sf_uc, ft); #endif + memset(&kf, 0, sizeof(kf)); + /* Build stack frame. */ kf.sf_psigtramp = fp->sf_sigtramp; /* return addr for handler */ kf.sf_signum = native_to_linux_signo[sig]; 
diff --git a/sys/compat/linux/arch/mips/linux_machdep.c b/sys/compat/linux/arch/mips/linux_machdep.c index 872d509c734d..b7ca90435df7 100644 --- a/sys/compat/linux/arch/mips/linux_machdep.c +++ b/sys/compat/linux/arch/mips/linux_machdep.c @@ -401,6 +401,7 @@ linux_sys_new_uname(struct lwp *l, const struct linux_sys_new_uname_args *uap, r } */ *uap = v; struct linux_utsname luts; + memset(&luts, 0, sizeof(luts)); strlcpy(luts.l_sysname, linux_sysname, sizeof(luts.l_sysname)); strlcpy(luts.l_nodename, hostname, sizeof(luts.l_nodename)); strlcpy(luts.l_release, "2.4.0", sizeof(luts.l_release)); diff --git a/sys/compat/linux/arch/powerpc/linux_exec_powerpc.c b/sys/compat/linux/arch/powerpc/linux_exec_powerpc.c index 4509ccc2edaa..c9fbf406a258 100644 --- a/sys/compat/linux/arch/powerpc/linux_exec_powerpc.c +++ b/sys/compat/linux/arch/powerpc/linux_exec_powerpc.c @@ -93,7 +93,7 @@ ELFNAME2(linux,copyargs)(struct lwp *l, struct exec_package *pack, & ~LINUX_SHIFT); #endif - memset(ai, 0, sizeof(AuxInfo) * LINUX_ELF_AUX_ENTRIES); + memset(ai, 0, sizeof(ai)); a = ai; diff --git a/sys/compat/linux/arch/powerpc/linux_machdep.c b/sys/compat/linux/arch/powerpc/linux_machdep.c index da282bbb84af..1530cc5d8bc6 100644 --- a/sys/compat/linux/arch/powerpc/linux_machdep.c +++ b/sys/compat/linux/arch/powerpc/linux_machdep.c @@ -162,6 +162,7 @@ linux_sendsig(const ksiginfo_t *ksi, const sigset_t *mask) * * Save register context. */ + memset(&linux_regs, 0, sizeof(linux_regs)); for (i = 0; i < 32; i++) linux_regs.lgpr[i] = tf->tf_fixreg[i]; linux_regs.lnip = tf->tf_srr0; diff --git a/sys/compat/linux/arch/powerpc/linux_ptrace.c b/sys/compat/linux/arch/powerpc/linux_ptrace.c index ca59816a8de7..9ff2d3c00edc 100644 --- a/sys/compat/linux/arch/powerpc/linux_ptrace.c +++ b/sys/compat/linux/arch/powerpc/linux_ptrace.c 
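Review bot: In linux_exec_powerpc.c, `memset(ai, 0, sizeof(ai));` zeroes the same region as the old `sizeof(AuxInfo) * LINUX_ELF_AUX_ENTRIES` only if `ai` is declared in this function as an array of that many entries; its declaration is above the hunk. If `ai` is a pointer, `sizeof(ai)` is the pointer size and most of the auxiliary vector is left uninitialized before it is filled and, presumably, copied out. Adding `CTASSERT(sizeof(ai) == sizeof(AuxInfo) * LINUX_ELF_AUX_ENTRIES);` next to the memset would make the assumption checkable at compile time.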
@@ -200,6 +200,7 @@ linux_sys_ptrace_arch(struct lwp *l, const struct linux_sys_ptrace_args *uap, if (error) { break; } + memset(&linux_regs, 0, sizeof(linux_regs)); for (i = 0; i <= 31; i++) { linux_regs->lgpr[i] = regs->fixreg[i]; } @@ -309,7 +310,7 @@ linux_sys_ptrace_arch(struct lwp *l, const struct linux_sys_ptrace_args *uap, break; } error = copyout (retval, (void *)SCARG(uap, data), - sizeof(retval)); + sizeof(*retval)); *retval = SCARG(uap, data); break; diff --git a/sys/compat/linux/common/linux_cdrom.c b/sys/compat/linux/common/linux_cdrom.c index 07d84540c02d..44558bd10fb9 100644 --- a/sys/compat/linux/common/linux_cdrom.c +++ b/sys/compat/linux/common/linux_cdrom.c @@ -186,6 +186,7 @@ linux_ioctl_cdrom(struct lwp *l, const struct linux_sys_ioctl_args *uap, registe if (error) break; + memset(&l_tochdr, 0, sizeof(l_tochdr)); l_tochdr.cdth_trk0 = t_header.starting_track; l_tochdr.cdth_trk1 = t_header.ending_track; @@ -238,6 +239,7 @@ linux_ioctl_cdrom(struct lwp *l, const struct linux_sys_ioctl_args *uap, registe if (error) break; + memset(&l_volctrl, 0, sizeof(l_volctrl)); l_volctrl.channel0 = t_vol.vol[0]; l_volctrl.channel1 = t_vol.vol[1]; l_volctrl.channel2 = t_vol.vol[2]; diff --git a/sys/compat/linux/common/linux_fdio.c b/sys/compat/linux/common/linux_fdio.c index bf9b5be05900..77fbc5572c04 100644 --- a/sys/compat/linux/common/linux_fdio.c +++ b/sys/compat/linux/common/linux_fdio.c @@ -107,6 +107,7 @@ linux_ioctl_fdio(struct lwp *l, const struct linux_sys_ioctl_args *uap, error = ioctlf(fp, FDIOCGETFORMAT, &fparams); if (error != 0) break; + memset(&lflop, 0, sizeof(lflop)); lflop.size = fparams.ncyl * fparams.nspt * fparams.ntrk; lflop.sect = fparams.nspt; lflop.head = fparams.ntrk; diff --git a/sys/compat/linux/common/linux_file.c b/sys/compat/linux/common/linux_file.c index e1ca8eff9683..10f1c6cc5c34 100644 --- a/sys/compat/linux/common/linux_file.c +++ b/sys/compat/linux/common/linux_file.c 
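Review bot: In the first hunk of linux/arch/powerpc/linux_ptrace.c, `memset(&linux_regs, 0, sizeof(linux_regs));` clears the pointer variable rather than the register structure: the loop that follows uses `linux_regs->lgpr[i]`, so `linux_regs` is a pointer, and it is null by the time the loop dereferences it. The arm and i386 versions of linux_sys_ptrace_arch in this same patch use the intended form, and this line should match them: `memset(linux_regs, 0, sizeof(*linux_regs));`. As written the change introduces a kernel null-pointer dereference on this request and still leaves the structure's padding unzeroed. The case body starts and ends outside the hunk.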
@@ -445,6 +445,7 @@ static void bsd_to_linux_stat(struct stat *bsp, struct linux_stat *lsp) { + memset(lsp, 0, sizeof(*lsp)); lsp->lst_dev = linux_fakedev(bsp->st_dev, 0); lsp->lst_ino = bsp->st_ino; lsp->lst_mode = (linux_mode_t)bsp->st_mode; diff --git a/sys/compat/linux/common/linux_hdio.c b/sys/compat/linux/common/linux_hdio.c index 79300d3ebd09..bfcd367c3994 100644 --- a/sys/compat/linux/common/linux_hdio.c +++ b/sys/compat/linux/common/linux_hdio.c @@ -113,6 +113,7 @@ linux_ioctl_hdio(struct lwp *l, const struct linux_sys_ioctl_args *uap, error = error1; break; } + memset(&hdg, 0, sizeof(hdg)); hdg.start = error1 != 0 ? pi.pi_offset : 0; hdg.heads = label.d_ntracks; hdg.cylinders = label.d_ncylinders; @@ -131,6 +132,7 @@ linux_ioctl_hdio(struct lwp *l, const struct linux_sys_ioctl_args *uap, error = error1; break; } + memset(&hdg_big, 0, sizeof(hdg_big)); hdg_big.start = error1 != 0 ? pi.pi_offset : 0; hdg_big.heads = label.d_ntracks; hdg_big.cylinders = label.d_ncylinders; diff --git a/sys/compat/linux/common/linux_misc.c b/sys/compat/linux/common/linux_misc.c index 4b94795bb21d..71c6daefdc1f 100644 --- a/sys/compat/linux/common/linux_misc.c +++ b/sys/compat/linux/common/linux_misc.c @@ -629,6 +629,8 @@ linux_sys_times(struct lwp *l, const struct linux_sys_times_args *uap, register_ struct linux_tms ltms; struct rusage ru; + memset(<ms, 0, sizeof(ltms)); + mutex_enter(p->p_lock); calcru(p, &ru.ru_utime, &ru.ru_stime, NULL, NULL); ltms.ltms_utime = CONVTCK(ru.ru_utime); @@ -1399,6 +1401,7 @@ linux_sys_getrlimit(struct lwp *l, const struct linux_sys_getrlimit_args *uap, r if (which < 0) return -which; + memset(&orl, 0, sizeof(orl)); bsd_to_linux_rlimit(&orl, &l->l_proc->p_rlimit[which]); return copyout(&orl, SCARG(uap, rlp), sizeof(orl)); diff --git a/sys/compat/linux/common/linux_mtio.c b/sys/compat/linux/common/linux_mtio.c index b92051d65f29..c2be9fbcadca 100644 --- a/sys/compat/linux/common/linux_mtio.c +++ b/sys/compat/linux/common/linux_mtio.c 
@@ -106,6 +106,7 @@ linux_ioctl_mtio(struct lwp *l, const struct linux_sys_ioctl_args *uap, error = ioctlf(fp, MTIOCTOP, &mt); break; case LINUX_MTIOCGET: + memset(&lmtget, 0, sizeof(lmtget)); lmtget.mt_type = LINUX_MT_ISUNKNOWN; lmtget.mt_resid = 0; lmtget.mt_dsreg = 0; diff --git a/sys/compat/linux/common/linux_oldolduname.c b/sys/compat/linux/common/linux_oldolduname.c index c48939d49e5c..fc206680a829 100644 --- a/sys/compat/linux/common/linux_oldolduname.c +++ b/sys/compat/linux/common/linux_oldolduname.c @@ -58,6 +58,8 @@ linux_sys_oldolduname(struct lwp *l, const struct linux_sys_oldolduname_args *ua } */ struct linux_oldoldutsname luts; + memset(&luts, 0, sizeof(luts)); + strlcpy(luts.l_sysname, linux_sysname, sizeof(luts.l_sysname)); strlcpy(luts.l_nodename, hostname, sizeof(luts.l_nodename)); strlcpy(luts.l_release, linux_release, sizeof(luts.l_release)); diff --git a/sys/compat/linux/common/linux_olduname.c b/sys/compat/linux/common/linux_olduname.c index 20f9cde0581d..7221ca1866e4 100644 --- a/sys/compat/linux/common/linux_olduname.c +++ b/sys/compat/linux/common/linux_olduname.c @@ -61,6 +61,8 @@ linux_sys_olduname(struct lwp *l, const struct linux_sys_olduname_args *uap, reg } */ struct linux_oldutsname luts; + memset(&luts, 0, sizeof(luts)); + strlcpy(luts.l_sysname, linux_sysname, sizeof(luts.l_sysname)); strlcpy(luts.l_nodename, hostname, sizeof(luts.l_nodename)); strlcpy(luts.l_release, linux_release, sizeof(luts.l_release)); diff --git a/sys/compat/linux/common/linux_sched.c b/sys/compat/linux/common/linux_sched.c index ea301c199715..aab1a8d4d0eb 100644 --- a/sys/compat/linux/common/linux_sched.c +++ b/sys/compat/linux/common/linux_sched.c @@ -346,6 +346,8 @@ sched_native2linux(int native_policy, struct sched_param *native_params, KASSERT(prio <= SCHED_PRI_MAX); KASSERT(linux_params != NULL); + memset(linux_params, 0, sizeof(*linux_params)); + DPRINTF(("%s: native: policy %d, priority %d\n", __func__, native_policy, prio)); 
diff --git a/sys/compat/linux/common/linux_signal.c b/sys/compat/linux/common/linux_signal.c index 92b44250ec0d..e4e70e736ae3 100644 --- a/sys/compat/linux/common/linux_signal.c +++ b/sys/compat/linux/common/linux_signal.c @@ -274,6 +274,8 @@ linux_to_native_sigflags(const unsigned long lsf) void linux_old_to_native_sigaction(struct sigaction *bsa, const struct linux_old_sigaction *lsa) { + + memset(bsa, 0, sizeof(*bsa)); bsa->sa_handler = lsa->linux_sa_handler; linux_old_to_native_sigset(&bsa->sa_mask, &lsa->linux_sa_mask); bsa->sa_flags = linux_to_native_sigflags(lsa->linux_sa_flags); @@ -282,6 +284,8 @@ linux_old_to_native_sigaction(struct sigaction *bsa, const struct linux_old_siga void native_to_linux_old_sigaction(struct linux_old_sigaction *lsa, const struct sigaction *bsa) { + + memset(lsa, 0, sizeof(*lsa)); lsa->linux_sa_handler = bsa->sa_handler; native_to_linux_old_sigset(&lsa->linux_sa_mask, &bsa->sa_mask); lsa->linux_sa_flags = native_to_linux_sigflags(bsa->sa_flags); @@ -294,6 +298,8 @@ native_to_linux_old_sigaction(struct linux_old_sigaction *lsa, const struct siga void linux_to_native_sigaction(struct sigaction *bsa, const struct linux_sigaction *lsa) { + + memset(bsa, 0, sizeof(*bsa)); bsa->sa_handler = lsa->linux_sa_handler; linux_to_native_sigset(&bsa->sa_mask, &lsa->linux_sa_mask); bsa->sa_flags = linux_to_native_sigflags(lsa->linux_sa_flags); @@ -302,6 +308,8 @@ linux_to_native_sigaction(struct sigaction *bsa, const struct linux_sigaction *l void native_to_linux_sigaction(struct linux_sigaction *lsa, const struct sigaction *bsa) { + + memset(lsa, 0, sizeof(*lsa)); lsa->linux_sa_handler = bsa->sa_handler; native_to_linux_sigset(&lsa->linux_sa_mask, &bsa->sa_mask); lsa->linux_sa_flags = native_to_linux_sigflags(bsa->sa_flags); diff --git a/sys/compat/linux/common/linux_socket.c b/sys/compat/linux/common/linux_socket.c index b6e3c637e47f..acc2f1d9ef49 100644 --- a/sys/compat/linux/common/linux_socket.c +++ b/sys/compat/linux/common/linux_socket.c 
@@ -440,6 +440,7 @@ linux_sys_sendto(struct lwp *l, const struct linux_sys_sendto_args *uap, registe static void linux_to_bsd_msghdr(const struct linux_msghdr *lmsg, struct msghdr *bmsg) { + memset(bmsg, 0, sizeof(*bmsg)); bmsg->msg_name = lmsg->msg_name; bmsg->msg_namelen = lmsg->msg_namelen; bmsg->msg_iov = lmsg->msg_iov; @@ -452,6 +453,7 @@ linux_to_bsd_msghdr(const struct linux_msghdr *lmsg, struct msghdr *bmsg) static void bsd_to_linux_msghdr(const struct msghdr *bmsg, struct linux_msghdr *lmsg) { + memset(lmsg, 0, sizeof(*lmsg)); lmsg->msg_name = bmsg->msg_name; lmsg->msg_namelen = bmsg->msg_namelen; lmsg->msg_iov = bmsg->msg_iov; @@ -699,6 +701,7 @@ linux_copyout_msg_control(struct lwp *l, struct msghdr *mp, struct mbuf *control * 1. different values for level/type on some archs * 2. different alignment of CMSG_DATA on some archs */ + memset(&linux_cmsg, 0, sizeof(linux_cmsg)); linux_cmsg.cmsg_len = cmsg->cmsg_len - LINUX_CMSG_ALIGN_DELTA; linux_cmsg.cmsg_level = cmsg->cmsg_level; linux_cmsg.cmsg_type = cmsg->cmsg_type; diff --git a/sys/compat/linux/common/linux_time.c b/sys/compat/linux/common/linux_time.c index 7d689ff76a9b..00b948c1a615 100644 --- a/sys/compat/linux/common/linux_time.c +++ b/sys/compat/linux/common/linux_time.c @@ -117,6 +117,7 @@ linux_sys_settimeofday(struct lwp *l, const struct linux_sys_settimeofday_args * void native_to_linux_timespec(struct linux_timespec *ltp, struct timespec *ntp) { + memset(ltp, 0, sizeof(*ltp)); ltp->tv_sec = ntp->tv_sec; ltp->tv_nsec = ntp->tv_nsec; } @@ -124,6 +125,7 @@ native_to_linux_timespec(struct linux_timespec *ltp, struct timespec *ntp) void linux_to_native_timespec(struct timespec *ntp, struct linux_timespec *ltp) { + memset(ntp, 0, sizeof(*ntp)); ntp->tv_sec = ltp->tv_sec; ntp->tv_nsec = ltp->tv_nsec; } diff --git a/sys/compat/linux32/arch/amd64/linux32_machdep.c b/sys/compat/linux32/arch/amd64/linux32_machdep.c index 70a9ac2e3fb7..85a7ed072f89 100644 
--- a/sys/compat/linux32/arch/amd64/linux32_machdep.c +++ b/sys/compat/linux32/arch/amd64/linux32_machdep.c @@ -126,6 +126,8 @@ linux32_old_sendsig(const ksiginfo_t *ksi, const sigset_t *mask) DPRINTF(("old: onstack = %d, fp = %p sig = %d rip = 0x%lx\n", onstack, fp, sig, tf->tf_rip)); + memset(&frame, 0, sizeof(frame)); + /* Build stack frame for signal trampoline. */ NETBSD32PTR32(frame.sf_handler, catcher); frame.sf_sig = native_to_linux32_signo[sig]; diff --git a/sys/compat/linux32/common/linux32_exec_elf32.c b/sys/compat/linux32/common/linux32_exec_elf32.c index 19ed2980f41e..b60b2a2ae94f 100644 --- a/sys/compat/linux32/common/linux32_exec_elf32.c +++ b/sys/compat/linux32/common/linux32_exec_elf32.c @@ -227,6 +227,8 @@ linux32_elf32_copyargs(struct lwp *l, struct exec_package *pack, *stackp += len; #if 0 + memset(&esd, 0, sizeof(esd)); + memcpy(esd.kernel_vsyscall, linux32_kernel_vsyscall, sizeof(linux32_kernel_vsyscall)); diff --git a/sys/compat/linux32/common/linux32_resource.c b/sys/compat/linux32/common/linux32_resource.c index 54970167ec75..53e559881269 100644 --- a/sys/compat/linux32/common/linux32_resource.c +++ b/sys/compat/linux32/common/linux32_resource.c @@ -87,6 +87,7 @@ linux32_sys_getrlimit(struct lwp *l, const struct linux32_sys_getrlimit_args *ua if (which < 0) return -which; + memset(&orl, 0, sizeof(orl)); bsd_to_linux_rlimit(&orl, &l->l_proc->p_rlimit[which]); return copyout(&orl, SCARG_P32(uap, rlp), sizeof(orl)); diff --git a/sys/compat/linux32/common/linux32_signal.c b/sys/compat/linux32/common/linux32_signal.c index 8c6624e42c1b..d2af8fa4cc0b 100644 --- a/sys/compat/linux32/common/linux32_signal.c +++ b/sys/compat/linux32/common/linux32_signal.c 
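Review bot: In linux32_elf32_copyargs the added `memset(&esd, 0, sizeof(esd));` sits directly after `#if 0`, so it is not compiled and scrubs nothing today. If it is meant to be in place for when the block is re-enabled, a comment such as `/* scrub padding before copyout if this block is ever enabled */` would say so; otherwise the line can be left out of this commit. The function and the `#if 0` region both continue outside the hunk, so whether esd is copied out further down cannot be confirmed from here.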
@@ -215,6 +215,7 @@ linux32_to_native_sigflags(const unsigned long lsf) void linux32_to_native_sigaction(struct sigaction *bsa, const struct linux32_sigaction *lsa) { + memset(bsa, 0, sizeof(*bsa)); bsa->sa_handler = NETBSD32PTR64(lsa->linux_sa_handler); linux32_to_native_sigset(&bsa->sa_mask, &lsa->linux_sa_mask); bsa->sa_flags = linux32_to_native_sigflags(lsa->linux_sa_flags); @@ -223,6 +224,7 @@ linux32_to_native_sigaction(struct sigaction *bsa, const struct linux32_sigactio void native_to_linux32_sigaction(struct linux32_sigaction *lsa, const struct sigaction *bsa) { + memset(lsa, 0, sizeof(*lsa)); NETBSD32PTR32(lsa->linux_sa_handler, bsa->sa_handler); native_to_linux32_sigset(&lsa->linux_sa_mask, &bsa->sa_mask); lsa->linux_sa_flags = native_to_linux32_sigflags(bsa->sa_flags); diff --git a/sys/compat/linux32/common/linux32_time.c b/sys/compat/linux32/common/linux32_time.c index a6b9173e950c..2d62f24b692f 100644 --- a/sys/compat/linux32/common/linux32_time.c +++ b/sys/compat/linux32/common/linux32_time.c @@ -166,6 +166,8 @@ linux32_sys_times(struct lwp *l, const struct linux32_sys_times_args *uap, regis struct linux32_tms ltms32; struct rusage ru; + memset(<ms32, 0, sizeof(ltms32)); + mutex_enter(p->p_lock); calcru(p, &ru.ru_utime, &ru.ru_stime, NULL, NULL); ltms32.ltms32_utime = CONVTCK(ru.ru_utime); @@ -237,6 +239,8 @@ linux32_sys_utime(struct lwp *l, const struct linux32_sys_utime_args *uap, regis void native_to_linux32_timespec(struct linux32_timespec *ltp, struct timespec *ntp) { + + memset(ltp, 0, sizeof(*ltp)); ltp->tv_sec = ntp->tv_sec; ltp->tv_nsec = ntp->tv_nsec; } @@ -244,6 +248,8 @@ native_to_linux32_timespec(struct linux32_timespec *ltp, struct timespec *ntp) void linux32_to_native_timespec(struct timespec *ntp, struct linux32_timespec *ltp) { + + memset(ntp, 0, sizeof(*ntp)); ntp->tv_sec = ltp->tv_sec; ntp->tv_nsec = ltp->tv_nsec; } 
diff --git a/sys/compat/netbsd32/netbsd32_compat_12.c b/sys/compat/netbsd32/netbsd32_compat_12.c index 38a5185a8f49..d73c0b89cc33 100644 --- a/sys/compat/netbsd32/netbsd32_compat_12.c +++ b/sys/compat/netbsd32/netbsd32_compat_12.c @@ -62,6 +62,7 @@ static void netbsd32_stat12_to_netbsd32(struct stat12 *sp12, struct netbsd32_stat12 *sp32) { + memset(sp32, 0, sizeof(*sp32)); sp32->st_dev = sp12->st_dev; sp32->st_ino = sp12->st_ino; sp32->st_mode = sp12->st_mode; diff --git a/sys/compat/netbsd32/netbsd32_compat_20.c b/sys/compat/netbsd32/netbsd32_compat_20.c index fd93d5b6d22c..9d5feed6a545 100644 --- a/sys/compat/netbsd32/netbsd32_compat_20.c +++ b/sys/compat/netbsd32/netbsd32_compat_20.c @@ -57,6 +57,8 @@ static inline void compat_20_netbsd32_from_statvfs(struct statvfs *, static inline void compat_20_netbsd32_from_statvfs(struct statvfs *sbp, struct netbsd32_statfs *sb32p) { + + memset(sb32p, 0, sizeof(*sb32p)); sb32p->f_type = 0; /* XXX Put an actual value? */ sb32p->f_flags = sbp->f_flag; sb32p->f_bsize = (netbsd32_long)sbp->f_bsize; diff --git a/sys/compat/netbsd32/netbsd32_compat_43.c b/sys/compat/netbsd32/netbsd32_compat_43.c index b646d25f943a..43c0b08a2363 100644 --- a/sys/compat/netbsd32/netbsd32_compat_43.c +++ b/sys/compat/netbsd32/netbsd32_compat_43.c @@ -646,6 +646,7 @@ compat_43_netbsd32_osigvec(struct lwp *l, const struct compat_43_netbsd32_osigve return error; if (SCARG_P32(uap, osv)) { + memset(&sv32, 0, sizeof(sv32)); NETBSD32PTR32(sv32.sv_handler, osa.sa_handler); sv32.sv_mask = osa.sa_mask.__bits[0]; sv32.sv_flags = osa.sa_flags ^ SA_RESTART; @@ -704,6 +705,7 @@ compat_43_netbsd32_osigstack(struct lwp *l, const struct compat_43_netbsd32_osig return error; if (SCARG_P32(uap, oss)) { + memset(&ss32, 0, sizeof(ss32)); NETBSD32PTR32(ss32.ss_sp, osa.ss_sp); ss32.ss_onstack = (osa.ss_flags & SS_ONSTACK) != 0; error = copyout(&ss32, SCARG_P32(uap, oss), sizeof(ss32)); 
diff --git a/sys/compat/netbsd32/netbsd32_compat_50.c b/sys/compat/netbsd32/netbsd32_compat_50.c index 75a165a8dd07..81aaf3612c1b 100644 --- a/sys/compat/netbsd32/netbsd32_compat_50.c +++ b/sys/compat/netbsd32/netbsd32_compat_50.c @@ -170,6 +170,7 @@ compat_50_netbsd32_gettimeofday(struct lwp *l, * NetBSD has no kernel notion of time zone, so we just * fake up a timezone struct and return it if demanded. */ + memset(&tzfake, 0, sizeof(tzfake)); tzfake.tz_minuteswest = 0; tzfake.tz_dsttime = 0; error = copyout(&tzfake, SCARG_P32(uap, tzp), sizeof(tzfake)); @@ -255,6 +256,8 @@ compat_50_netbsd32_adjtime(struct lwp *l, return error; if (SCARG_P32(uap, olddelta)) { + memset(&atv, 0, sizeof(atv)); + mutex_spin_enter(&timecounter_lock); atv.tv_sec = time_adjtime / 1000000; atv.tv_usec = time_adjtime % 1000000; @@ -401,6 +404,7 @@ compat_50_netbsd32_timer_settime(struct lwp *l, return error; if (ovp) { + memset(&its32, 0, sizeof(its32)); netbsd32_from_timespec50(&ovp->it_interval, &its32.it_interval); netbsd32_from_timespec50(&ovp->it_value, &its32.it_value); return copyout(&its32, SCARG_P32(uap, ovalue), sizeof(its32)); @@ -423,6 +427,8 @@ compat_50_netbsd32_timer_gettime(struct lwp *l, const struct compat_50_netbsd32_ &its)) != 0) return error; + memset(&its32, 0, sizeof(its32)); + netbsd32_from_timespec50(&its.it_interval, &its32.it_interval); netbsd32_from_timespec50(&its.it_value, &its32.it_value); diff --git a/sys/compat/netbsd32/netbsd32_conv.h b/sys/compat/netbsd32/netbsd32_conv.h index 3e1b93ca5a6e..a267d6816bdf 100644 --- a/sys/compat/netbsd32/netbsd32_conv.h +++ b/sys/compat/netbsd32/netbsd32_conv.h @@ -58,6 +58,7 @@ netbsd32_from_timeval50(const struct timeval *tv, struct netbsd32_timeval50 *tv32) { + memset(tv32, 0, sizeof(*tv32)); tv32->tv_sec = (netbsd32_time50_t)tv->tv_sec; tv32->tv_usec = (netbsd32_long)tv->tv_usec; } 
@@ -67,6 +68,7 @@ netbsd32_from_timeval(const struct timeval *tv, struct netbsd32_timeval *tv32) { + memset(tv32, 0, sizeof(*tv32)); tv32->tv_sec = (netbsd32_time_t)tv->tv_sec; tv32->tv_usec = tv->tv_usec; } @@ -76,6 +78,7 @@ netbsd32_to_timeval50(const struct netbsd32_timeval50 *tv32, struct timeval *tv) { + memset(tv, 0, sizeof(*tv)); tv->tv_sec = (time_t)tv32->tv_sec; tv->tv_usec = tv32->tv_usec; } @@ -85,6 +88,7 @@ netbsd32_to_timeval(const struct netbsd32_timeval *tv32, struct timeval *tv) { + memset(tv, 0, sizeof(*tv)); tv->tv_sec = (time_t)tv32->tv_sec; tv->tv_usec = tv32->tv_usec; } @@ -94,6 +98,7 @@ netbsd32_from_itimerval50(const struct itimerval *itv, struct netbsd32_itimerval50 *itv32) { + memset(itv32, 0, sizeof(*itv32)); netbsd32_from_timeval50(&itv->it_interval, &itv32->it_interval); netbsd32_from_timeval50(&itv->it_value, @@ -105,6 +110,7 @@ netbsd32_from_itimerval(const struct itimerval *itv, struct netbsd32_itimerval *itv32) { + memset(itv32, 0, sizeof(*itv32)); netbsd32_from_timeval(&itv->it_interval, &itv32->it_interval); netbsd32_from_timeval(&itv->it_value, @@ -116,6 +122,7 @@ netbsd32_to_itimerval50(const struct netbsd32_itimerval50 *itv32, struct itimerval *itv) { + memset(itv, 0, sizeof(*itv)); netbsd32_to_timeval50(&itv32->it_interval, &itv->it_interval); netbsd32_to_timeval50(&itv32->it_value, &itv->it_value); } @@ -125,6 +132,7 @@ netbsd32_to_itimerval(const struct netbsd32_itimerval *itv32, struct itimerval *itv) { + memset(itv, 0, sizeof(*itv)); netbsd32_to_timeval(&itv32->it_interval, &itv->it_interval); netbsd32_to_timeval(&itv32->it_value, &itv->it_value); } @@ -134,6 +142,7 @@ netbsd32_to_timespec50(const struct netbsd32_timespec50 *s32p, struct timespec *p) { + memset(p, 0, sizeof(*p)); p->tv_sec = (time_t)s32p->tv_sec; p->tv_nsec = (long)s32p->tv_nsec; } 
@@ -143,6 +152,7 @@ netbsd32_to_timespec(const struct netbsd32_timespec *s32p, struct timespec *p) { + memset(p, 0, sizeof(*p)); p->tv_sec = (time_t)s32p->tv_sec; p->tv_nsec = (long)s32p->tv_nsec; } @@ -152,6 +162,7 @@ netbsd32_from_timespec50(const struct timespec *p, struct netbsd32_timespec50 *s32p) { + memset(s32p, 0, sizeof(*s32p)); s32p->tv_sec = (netbsd32_time50_t)p->tv_sec; s32p->tv_nsec = (netbsd32_long)p->tv_nsec; } @@ -161,6 +172,7 @@ netbsd32_from_timespec(const struct timespec *p, struct netbsd32_timespec *s32p) { + memset(s32p, 0, sizeof(*s32p)); s32p->tv_sec = (netbsd32_time_t)p->tv_sec; s32p->tv_nsec = (netbsd32_long)p->tv_nsec; } @@ -170,6 +182,7 @@ netbsd32_from_rusage(const struct rusage *rup, struct netbsd32_rusage *ru32p) { + memset(ru32p, 0, sizeof(*ru32p)); netbsd32_from_timeval(&rup->ru_utime, &ru32p->ru_utime); netbsd32_from_timeval(&rup->ru_stime, &ru32p->ru_stime); #define C(var) ru32p->var = (netbsd32_long)rup->var @@ -195,6 +208,7 @@ netbsd32_to_rusage(const struct netbsd32_rusage *ru32p, struct rusage *rup) { + memset(rup, 0, sizeof(*rup)); netbsd32_to_timeval(&ru32p->ru_utime, &rup->ru_utime); netbsd32_to_timeval(&ru32p->ru_stime, &rup->ru_stime); #define C(var) rup->var = (long)ru32p->var @@ -220,6 +234,7 @@ netbsd32_from_rusage50(const struct rusage *rup, struct netbsd32_rusage50 *ru32p) { + memset(ru32p, 0, sizeof(*ru32p)); netbsd32_from_timeval50(&rup->ru_utime, &ru32p->ru_utime); netbsd32_from_timeval50(&rup->ru_stime, &ru32p->ru_stime); #define C(var) ru32p->var = (netbsd32_long)rup->var @@ -254,6 +269,7 @@ netbsd32_to_iovecin(const struct netbsd32_iovec *iov32p, struct iovec *iovp, * each field separately. I'm doing the latter to reduce * the number of MALLOC()s. */ + memset(iovp, 0, sizeof(*iovp)); total_iov_len = 0; for (i = 0; i < len; i++, iovp++, iov32p++) { if ((error = copyin(&iov32p->iov_base, &iov_base, sizeof(iov_base)))) 
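Review bot: In netbsd32_to_iovecin the added `memset(iovp, 0, sizeof(*iovp));` clears only the first element, while the loop below advances `iovp++` across `len` entries, so every later element keeps whatever bytes it had. If the array really needs scrubbing, the call should cover all of it, e.g. `memset(iovp, 0, len * sizeof(*iovp));`, with `len` confirmed to be bounded so the multiplication cannot wrap. Otherwise it can be dropped, since the loop appears to fill each field from copyin. The function starts and ends outside the hunk, so the bound on `len` and whether this array ever reaches copyout are not visible here.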
@@ -284,6 +300,7 @@ static __inline void netbsd32_to_msghdr(const struct netbsd32_msghdr *mhp32, struct msghdr *mhp) { + memset(mhp, 0, sizeof(*mhp)); mhp->msg_name = NETBSD32PTR64(mhp32->msg_name); mhp->msg_namelen = mhp32->msg_namelen; mhp->msg_iovlen = (size_t)mhp32->msg_iovlen; @@ -297,6 +314,7 @@ static __inline void netbsd32_from_msghdr(struct netbsd32_msghdr *mhp32, const struct msghdr *mhp) { + memset(mhp32, 0, sizeof(*mhp32)); NETBSD32PTR32(mhp32->msg_name, mhp->msg_name); mhp32->msg_namelen = mhp->msg_namelen; mhp32->msg_iovlen = mhp->msg_iovlen; @@ -309,21 +327,27 @@ static __inline void netbsd32_to_mmsghdr(const struct netbsd32_mmsghdr *mmsg32, struct mmsghdr *mmsg) { - netbsd32_to_msghdr(&mmsg32->msg_hdr, &mmsg->msg_hdr); - mmsg->msg_len = mmsg32->msg_len; + + memset(mmsg, 0, sizeof(*mmsg)); + netbsd32_to_msghdr(&mmsg32->msg_hdr, &mmsg->msg_hdr); + mmsg->msg_len = mmsg32->msg_len; } static __inline void netbsd32_from_mmsghdr(struct netbsd32_mmsghdr *mmsg32, const struct mmsghdr *mmsg) { - netbsd32_from_msghdr(&mmsg32->msg_hdr, &mmsg->msg_hdr); - mmsg32->msg_len = mmsg->msg_len; + + memset(mmsg32, 0, sizeof(*mmsg32)); + netbsd32_from_msghdr(&mmsg32->msg_hdr, &mmsg->msg_hdr); + mmsg32->msg_len = mmsg->msg_len; } static __inline void netbsd32_from_statvfs90(const struct statvfs *sbp, struct netbsd32_statvfs90 *sb32p) { + + memset(sb32p, 0, sizeof(*sb32p)); sb32p->f_flag = sbp->f_flag; sb32p->f_bsize = (netbsd32_u_long)sbp->f_bsize; sb32p->f_frsize = (netbsd32_u_long)sbp->f_frsize; @@ -364,6 +388,8 @@ netbsd32_from_statvfs90(const struct statvfs *sbp, struct netbsd32_statvfs90 *sb static __inline void netbsd32_from_statvfs(const struct statvfs *sbp, struct netbsd32_statvfs *sb32p) { + + memset(sb32p, 0, sizeof(*sb32p)); sb32p->f_flag = sbp->f_flag; sb32p->f_bsize = (netbsd32_u_long)sbp->f_bsize; sb32p->f_frsize = (netbsd32_u_long)sbp->f_frsize; 
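Review bot: In netbsd32_to_msghdr the new `memset(mhp, 0, sizeof(*mhp));` also wipes every member the converter does not assign itself; the visible lines set msg_name, msg_namelen and msg_iovlen but not msg_iov. If any caller stores msg_iov (or another field) into the native msghdr before calling this function, that value is now silently replaced by zero. The call sites are worth auditing, and the contract could be recorded with a comment such as `/* zeroes *mhp; callers must set msg_iov after this call */`. netbsd32_from_msghdr in the next hunk has the same shape, and both bodies continue outside their hunks, so msg_iov may be assigned further down.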
@@ -406,6 +432,7 @@ static __inline void netbsd32_from_timex(const struct timex *txp, struct netbsd32_timex *tx32p) { + memset(tx32p, 0, sizeof(*tx32p)); tx32p->modes = txp->modes; tx32p->offset = (netbsd32_long)txp->offset; tx32p->freq = (netbsd32_long)txp->freq; @@ -429,6 +456,7 @@ static __inline void netbsd32_to_timex(const struct netbsd32_timex *tx32p, struct timex *txp) { + memset(txp, 0, sizeof(*txp)); txp->modes = tx32p->modes; txp->offset = (long)tx32p->offset; txp->freq = (long)tx32p->freq; @@ -451,6 +479,7 @@ netbsd32_to_timex(const struct netbsd32_timex *tx32p, struct timex *txp) static __inline void netbsd32_from___stat13(const struct stat *sbp, struct netbsd32_stat13 *sb32p) { + memset(sb32p, 0, sizeof *sb32p); sb32p->st_dev = (uint32_t)sbp->st_dev; sb32p->st_ino = sbp->st_ino; @@ -477,6 +506,7 @@ netbsd32_from___stat13(const struct stat *sbp, struct netbsd32_stat13 *sb32p) static __inline void netbsd32_from___stat50(const struct stat *sbp, struct netbsd32_stat50 *sb32p) { + memset(sb32p, 0, sizeof *sb32p); sb32p->st_dev = (uint32_t)sbp->st_dev; sb32p->st_ino = sbp->st_ino; @@ -503,6 +533,7 @@ netbsd32_from___stat50(const struct stat *sbp, struct netbsd32_stat50 *sb32p) static __inline void netbsd32_from_stat(const struct stat *sbp, struct netbsd32_stat *sb32p) { + memset(sb32p, 0, sizeof *sb32p); sb32p->st_dev = sbp->st_dev; sb32p->st_ino = sbp->st_ino; @@ -531,6 +562,7 @@ netbsd32_to_ipc_perm(const struct netbsd32_ipc_perm *ip32p, struct ipc_perm *ipp) { + memset(ipp, 0, sizeof(*ipp)); ipp->cuid = ip32p->cuid; ipp->cgid = ip32p->cgid; ipp->uid = ip32p->uid; @@ -559,6 +591,7 @@ static __inline void netbsd32_to_msg(const struct netbsd32_msg *m32p, struct msg *mp) { + memset(mp, 0, sizeof(*mp)); mp->msg_next = NETBSD32PTR64(m32p->msg_next); mp->msg_type = (long)m32p->msg_type; mp->msg_ts = m32p->msg_ts; 
@@ -581,6 +614,7 @@ netbsd32_to_msqid_ds50(const struct netbsd32_msqid_ds50 *ds32p, struct msqid_ds *dsp) { + memset(dsp, 0, sizeof(*dsp)); netbsd32_to_ipc_perm(&ds32p->msg_perm, &dsp->msg_perm); dsp->_msg_cbytes = (u_long)ds32p->_msg_cbytes; dsp->msg_qnum = (u_long)ds32p->msg_qnum; @@ -597,6 +631,7 @@ netbsd32_to_msqid_ds(const struct netbsd32_msqid_ds *ds32p, struct msqid_ds *dsp) { + memset(dsp, 0, sizeof(*dsp)); netbsd32_to_ipc_perm(&ds32p->msg_perm, &dsp->msg_perm); dsp->_msg_cbytes = (u_long)ds32p->_msg_cbytes; dsp->msg_qnum = (u_long)ds32p->msg_qnum; @@ -647,6 +682,7 @@ netbsd32_to_shmid_ds50(const struct netbsd32_shmid_ds50 *ds32p, struct shmid_ds *dsp) { + memset(dsp, 0, sizeof(*dsp)); netbsd32_to_ipc_perm(&ds32p->shm_perm, &dsp->shm_perm); dsp->shm_segsz = ds32p->shm_segsz; dsp->shm_lpid = ds32p->shm_lpid; @@ -662,6 +698,7 @@ netbsd32_to_shmid_ds(const struct netbsd32_shmid_ds *ds32p, struct shmid_ds *dsp) { + memset(dsp, 0, sizeof(*dsp)); netbsd32_to_ipc_perm(&ds32p->shm_perm, &dsp->shm_perm); dsp->shm_segsz = ds32p->shm_segsz; dsp->shm_lpid = ds32p->shm_lpid; @@ -709,6 +746,7 @@ netbsd32_to_semid_ds50(const struct netbsd32_semid_ds50 *s32dsp, struct semid_ds *dsp) { + memset(dsp, 0, sizeof(*dsp)); netbsd32_to_ipc_perm(&s32dsp->sem_perm, &dsp->sem_perm); dsp->sem_nsems = (time_t)s32dsp->sem_nsems; dsp->sem_otime = (time_t)s32dsp->sem_otime; @@ -720,6 +758,7 @@ netbsd32_to_semid_ds(const struct netbsd32_semid_ds *s32dsp, struct semid_ds *dsp) { + memset(dsp, 0, sizeof(*dsp)); netbsd32_to_ipc_perm(&s32dsp->sem_perm, &dsp->sem_perm); dsp->sem_nsems = s32dsp->sem_nsems; dsp->sem_otime = s32dsp->sem_otime; @@ -755,6 +794,7 @@ netbsd32_from_loadavg(struct netbsd32_loadavg *av32, const struct loadavg *av) { + memset(av32, 0, sizeof(*av32)); av32->ldavg[0] = av->ldavg[0]; av32->ldavg[1] = av->ldavg[1]; av32->ldavg[2] = av->ldavg[2]; 
@@ -764,6 +804,8 @@ netbsd32_from_loadavg(struct netbsd32_loadavg *av32, static __inline void netbsd32_to_kevent(struct netbsd32_kevent *ke32, struct kevent *ke) { + + memset(ke, 0, sizeof(*ke)); ke->ident = ke32->ident; ke->filter = ke32->filter; ke->flags = ke32->flags; @@ -775,6 +817,8 @@ netbsd32_to_kevent(struct netbsd32_kevent *ke32, struct kevent *ke) static __inline void netbsd32_from_kevent(struct kevent *ke, struct netbsd32_kevent *ke32) { + + memset(ke32, 0, sizeof(*ke32)); ke32->ident = ke->ident; ke32->filter = ke->filter; ke32->flags = ke->flags; @@ -786,6 +830,8 @@ netbsd32_from_kevent(struct kevent *ke, struct netbsd32_kevent *ke32) static __inline void netbsd32_to_sigevent(const struct netbsd32_sigevent *ev32, struct sigevent *ev) { + + memset(ev, 0, sizeof(*ev)); ev->sigev_notify = ev32->sigev_notify; ev->sigev_signo = ev32->sigev_signo; /* @@ -848,6 +894,7 @@ netbsd32_copyout_plistref(netbsd32_pointer_t n32p, struct plistref *p) { struct netbsd32_plistref n32plist; + memset(&n32plist, 0, sizeof(n32plist)); NETBSD32PTR32(n32plist.pref_plist, p->pref_plist); n32plist.pref_len = p->pref_len; return copyout(&n32plist, NETBSD32PTR64(n32p), @@ -875,6 +922,7 @@ netbsd32_copyout_nvlist_ref_t(netbsd32_pointer_t n32p, nvlist_ref_t *p) { netbsd32_nvlist_ref_t n32nv; + memset(&n32nv, 0, sizeof(n32nv)); NETBSD32PTR32(n32nv.buf, p->buf); n32nv.len = p->len; n32nv.flags = p->flags; @@ -886,6 +934,8 @@ static __inline void netbsd32_to_mq_attr(const struct netbsd32_mq_attr *a32, struct mq_attr *attr) { + + memset(attr, 0, sizeof(*attr)); attr->mq_flags = a32->mq_flags; attr->mq_maxmsg = a32->mq_maxmsg; attr->mq_msgsize = a32->mq_msgsize; @@ -896,6 +946,8 @@ static __inline void netbsd32_from_mq_attr(const struct mq_attr *attr, struct netbsd32_mq_attr *a32) { + + memset(a32, 0, sizeof(*a32)); a32->mq_flags = attr->mq_flags; a32->mq_maxmsg = attr->mq_maxmsg; a32->mq_msgsize = attr->mq_msgsize; 
diff --git a/sys/compat/netbsd32/netbsd32_nfssvc.c b/sys/compat/netbsd32/netbsd32_nfssvc.c index 91e01393e3e7..56475c14aba7 100644 --- a/sys/compat/netbsd32/netbsd32_nfssvc.c +++ b/sys/compat/netbsd32/netbsd32_nfssvc.c @@ -121,6 +121,7 @@ nfssvc32_nsd_out(void *argp, const struct nfsd_srvargs *nsd) { struct netbsd32_nfsd_srvargs args32; + memset(&args32, 0, sizeof(args32)); NETBSD32PTR32(args32.nsd_nfsd, nsd->nsd_nfsd); args32.nsd_uid = nsd->nsd_uid; args32.nsd_haddr = nsd->nsd_haddr; diff --git a/sys/compat/netbsd32/netbsd32_ptrace.c b/sys/compat/netbsd32/netbsd32_ptrace.c index a67119a21a11..e4fe0cb6575a 100644 --- a/sys/compat/netbsd32/netbsd32_ptrace.c +++ b/sys/compat/netbsd32/netbsd32_ptrace.c @@ -55,6 +55,7 @@ static void netbsd32_lwpstatus_to_lwpstatus32(struct netbsd32_ptrace_lwpstatus *pls32, const struct ptrace_lwpstatus *pls) { + memset(pls32, 0, sizeof(*pls32)); pls32->pl_lwpid = pls->pl_lwpid; pls32->pl_sigpend = pls->pl_sigpend; pls32->pl_sigmask = pls->pl_sigmask; @@ -103,6 +104,7 @@ netbsd32_copyout_piod(const struct ptrace_io_desc *piod, void *addr, size_t len) if (len != 0 && sizeof(piod32) != len) return EINVAL; + memset(&piod32, 0, sizeof(piod32)); piod32.piod_op = piod->piod_op; NETBSD32PTR32(piod32.piod_offs, piod->piod_offs); NETBSD32PTR32(piod32.piod_addr, piod->piod_addr); @@ -134,6 +136,7 @@ netbsd32_copyout_siginfo(const struct ptrace_siginfo *psi, void *addr, size_t le if (sizeof(psi32) != len) return EINVAL; + memset(&psi32, 0, sizeof(psi32)); psi32.psi_lwpid = psi->psi_lwpid; netbsd32_si_to_si32(&psi32.psi_siginfo, &psi->psi_siginfo); return copyout(&psi32, addr, sizeof(psi32)); diff --git a/sys/compat/netbsd32/netbsd32_signal.c b/sys/compat/netbsd32/netbsd32_signal.c index 5776be0a8255..2b1f3f14b483 100644 --- a/sys/compat/netbsd32/netbsd32_signal.c +++ b/sys/compat/netbsd32/netbsd32_signal.c 
@@ -86,6 +86,7 @@ netbsd32_sigaction(struct lwp *l, const struct netbsd32_sigaction_args *uap, reg return error; if (SCARG_P32(uap, osa)) { + memset(&sa32, 0, sizeof(sa32)); NETBSD32PTR32(sa32.netbsd32_sa_handler, osa.sa_handler); sa32.netbsd32_sa_mask = osa.sa_mask.__bits[0]; sa32.netbsd32_sa_flags = osa.sa_flags; @@ -135,6 +136,7 @@ netbsd32___sigaction14(struct lwp *l, const struct netbsd32___sigaction14_args * if (error) return error; if (SCARG_P32(uap, osa)) { + memset(&sa32, 0, sizeof(sa32)); NETBSD32PTR32(sa32.netbsd32_sa_handler, osa.sa_handler); sa32.netbsd32_sa_mask = osa.sa_mask; sa32.netbsd32_sa_flags = osa.sa_flags; @@ -175,6 +177,7 @@ netbsd32___sigaction_sigtramp(struct lwp *l, const struct netbsd32___sigaction_s if (error) return error; if (SCARG_P32(uap, osa)) { + memset(&sa32, 0, sizeof(sa32)); NETBSD32PTR32(sa32.netbsd32_sa_handler, osa.sa_handler); sa32.netbsd32_sa_mask = osa.sa_mask; sa32.netbsd32_sa_flags = osa.sa_flags; diff --git a/sys/compat/netbsd32/netbsd32_time.c b/sys/compat/netbsd32/netbsd32_time.c index 7fb4057c544c..2db6338fe66f 100644 --- a/sys/compat/netbsd32/netbsd32_time.c +++ b/sys/compat/netbsd32/netbsd32_time.c @@ -204,6 +204,7 @@ netbsd32___gettimeofday50(struct lwp *l, const struct netbsd32___gettimeofday50_ * NetBSD has no kernel notion of time zone, so we just * fake up a timezone struct and return it if demanded. */ + memset(&tzfake, 0, sizeof(tzfake)); tzfake.tz_minuteswest = 0; tzfake.tz_dsttime = 0; error = copyout(&tzfake, SCARG_P32(uap, tzp), sizeof(tzfake)); @@ -268,6 +269,7 @@ netbsd32___adjtime50(struct lwp *l, const struct netbsd32___adjtime50_args *uap, return error; if (SCARG_P32(uap, olddelta)) { + memset(&atv, 0, sizeof(atv)); atv.tv_sec = time_adjtime / 1000000; atv.tv_usec = time_adjtime % 1000000; if (atv.tv_usec < 0) { 
@@ -479,6 +481,7 @@ netbsd32___timer_settime50(struct lwp *l, const struct netbsd32___timer_settime5 return error; if (ovp) { + memset(&its32, 0, sizeof(its32)); netbsd32_from_timespec(&ovp->it_interval, &its32.it_interval); netbsd32_from_timespec(&ovp->it_value, &its32.it_value); return copyout(&its32, SCARG_P32(uap, ovalue), sizeof(its32)); @@ -501,6 +504,7 @@ netbsd32___timer_gettime50(struct lwp *l, const struct netbsd32___timer_gettime5 &its)) != 0) return error; + memset(&its32, 0, sizeof(its32)); netbsd32_from_timespec(&its.it_interval, &its32.it_interval); netbsd32_from_timespec(&its.it_value, &its32.it_value); diff --git a/sys/compat/netbsd32/netbsd32_wait.c b/sys/compat/netbsd32/netbsd32_wait.c index adf1fee0aec0..db732f0d0433 100644 --- a/sys/compat/netbsd32/netbsd32_wait.c +++ b/sys/compat/netbsd32/netbsd32_wait.c @@ -133,6 +133,7 @@ netbsd32_wait6(struct lwp *l, const struct netbsd32_wait6_args *uap, if (wrup != NULL && error == 0) { struct netbsd32_wrusage wru32; + memset(&wru32, 0, sizeof(wru32)); netbsd32_from_rusage(&wrup->wru_self, &wru32.wru_self); netbsd32_from_rusage(&wrup->wru_children, &wru32.wru_children); error = copyout(&wru32, SCARG_P32(uap, wru), sizeof(wru32)); diff --git a/sys/compat/ossaudio/ossaudio.c b/sys/compat/ossaudio/ossaudio.c index 202bda1dba37..a91e438b144d 100644 --- a/sys/compat/ossaudio/ossaudio.c +++ b/sys/compat/ossaudio/ossaudio.c @@ -664,6 +664,7 @@ oss_ioctl_audio(struct lwp *l, const struct oss_sys_ioctl_args *uap, register_t goto out; } setblocksize(fp, &tmpinfo); + memset(&bufinfo, 0, sizeof(bufinfo)); bufinfo.fragsize = tmpinfo.blocksize; bufinfo.fragments = tmpinfo.hiwat - (tmpinfo.play.seek + tmpinfo.blocksize - 1) / @@ -686,6 +687,7 @@ oss_ioctl_audio(struct lwp *l, const struct oss_sys_ioctl_args *uap, register_t goto out; } setblocksize(fp, &tmpinfo); + memset(&bufinfo, 0, sizeof(bufinfo)); bufinfo.fragsize = tmpinfo.blocksize; bufinfo.fragments = tmpinfo.record.seek / tmpinfo.blocksize; bufinfo.fragstotal = 
@@ -776,6 +778,7 @@ oss_ioctl_audio(struct lwp *l, const struct oss_sys_ioctl_args *uap, register_t __func__, error)); goto out; } + memset(&cntinfo, 0, sizeof(cntinfo)); cntinfo.bytes = tmpoffs.samples; cntinfo.blocks = tmpoffs.deltablks; cntinfo.ptr = tmpoffs.offset; @@ -793,6 +796,7 @@ oss_ioctl_audio(struct lwp *l, const struct oss_sys_ioctl_args *uap, register_t __func__, error)); goto out; } + memset(&cntinfo, 0, sizeof(cntinfo)); cntinfo.bytes = tmpoffs.samples; cntinfo.blocks = tmpoffs.deltablks; cntinfo.ptr = tmpoffs.offset; diff --git a/sys/compat/sunos/sunos_ioctl.c b/sys/compat/sunos/sunos_ioctl.c index 10f65b996427..13925bd9db19 100644 --- a/sys/compat/sunos/sunos_ioctl.c +++ b/sys/compat/sunos/sunos_ioctl.c @@ -248,6 +248,8 @@ btios2stios(struct termios *bt, struct sunos_termios *st) u_long l, r; int s; + memset(st, 0, sizeof(*st)); + l = bt->c_iflag; r = ((l & IGNBRK) ? 0x00000001 : 0); r |= ((l & BRKINT) ? 0x00000002 : 0); @@ -372,6 +374,7 @@ btios2stios(struct termios *bt, struct sunos_termios *st) static void stios2stio(struct sunos_termios *ts, struct sunos_termio *t) { + memset(t, 0, sizeof(*t)); t->c_iflag = ts->c_iflag; t->c_oflag = ts->c_oflag; t->c_cflag = ts->c_cflag; @@ -486,6 +489,7 @@ sunos_sys_ioctl(struct lwp *l, const struct sunos_sys_ioctl_args *uap, if ((error = (*ctl)(fp, TIOCGWINSZ, &ws)) != 0) break; + memset(&ss, 0, sizeof(ss)); ss.ts_row = ws.ws_row; ss.ts_col = ws.ws_col; @@ -727,6 +731,7 @@ sunos_sys_ioctl(struct lwp *l, const struct sunos_sys_ioctl_args *uap, if (error) break; + memset(&sunos_aui, 0, sizeof(sunos_aui)); sunos_aui.play = *(struct sunos_audio_prinfo *)&aui.play; sunos_aui.record = *(struct sunos_audio_prinfo *)&aui.record; @@ -937,6 +942,9 @@ static void sunos_to_bsd_flock(struct sunos_flock *, struct flock *); static void bsd_to_sunos_flock(struct flock *iflp, struct sunos_flock *oflp) { + + memset(oflp, 0, sizeof(*oflp)); + switch (iflp->l_type) { case F_RDLCK: oflp->l_type = SUNOS_F_RDLCK; 
@@ -963,6 +971,9 @@ bsd_to_sunos_flock(struct flock *iflp, struct sunos_flock *oflp) static void sunos_to_bsd_flock(struct sunos_flock *iflp, struct flock *oflp) { + + memset(oflp, 0, sizeof(*oflp)); + switch (iflp->l_type) { case SUNOS_F_RDLCK: oflp->l_type = F_RDLCK; diff --git a/sys/compat/sunos/sunos_misc.c b/sys/compat/sunos/sunos_misc.c index 9156b0eaf8bc..bf02736a0c47 100644 --- a/sys/compat/sunos/sunos_misc.c +++ b/sys/compat/sunos/sunos_misc.c @@ -309,6 +309,7 @@ void sunos_to_native_sigset(const int, sigset_t *); inline void native_to_sunos_sigset(const sigset_t *ss, int *mask) { + *mask = ss->__bits[0]; } @@ -316,6 +317,7 @@ inline void sunos_to_native_sigset(const int mask, sigset_t *ss) { + memset(ss, 0, sizeof(*ss)); ss->__bits[0] = mask; ss->__bits[1] = 0; ss->__bits[2] = 0; @@ -435,6 +437,7 @@ again: off += reclen; continue; } + memset(&idb, 0, sizeof(idb)); sunos_reclen = SUNOS_RECLEN(&idb, bdp->d_namlen); if (reclen > len || resid < sunos_reclen) { /* entry too big for buffer, so just stop */ diff --git a/sys/compat/sunos32/sunos32_ioctl.c b/sys/compat/sunos32/sunos32_ioctl.c index 5dfc46ccac80..598a05bae6e3 100644 --- a/sys/compat/sunos32/sunos32_ioctl.c +++ b/sys/compat/sunos32/sunos32_ioctl.c @@ -163,6 +163,8 @@ stios2btios(struct sunos_termios *st, struct termios *bt) { netbsd32_u_long l, r; + memset(bt, 0, sizeof(*bt)); + l = st->c_iflag; r = ((l & 0x00000001) ? IGNBRK : 0); r |= ((l & 0x00000002) ? BRKINT : 0); @@ -284,6 +286,8 @@ btios2stios(struct termios *bt, struct sunos_termios *st) netbsd32_u_long l, r; int s; + memset(st, 0, sizeof(*st)); + l = bt->c_iflag; r = ((l & IGNBRK) ? 0x00000001 : 0); r |= ((l & BRKINT) ? 0x00000002 : 0); @@ -408,6 +412,8 @@ btios2stios(struct termios *bt, struct sunos_termios *st) static void stios2stio(struct sunos_termios *ts, struct sunos_termio *t) { + + memset(t, 0, sizeof(*t)); t->c_iflag = ts->c_iflag; t->c_oflag = ts->c_oflag; t->c_cflag = ts->c_cflag; 
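Review bot: In sunos_to_native_sigset the added `memset(ss, 0, sizeof(*ss));` makes the explicit `ss->__bits[1] = 0;` and `ss->__bits[2] = 0;` assignments that follow redundant. Keeping two ways of zeroing the same object lets them drift apart if the sigset layout changes; after the memset only `ss->__bits[0] = mask;` is needed. The sunos32_misc.c copy of this function repeats the pattern, and the body continues outside the hunk, so further per-word assignments may follow.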
@@ -419,6 +425,8 @@ stios2stio(struct sunos_termios *ts, struct sunos_termio *t) static void stio2stios(struct sunos_termio *t, struct sunos_termios *ts) { + + memset(ts, 0, sizeof(*ts)); ts->c_iflag = t->c_iflag; ts->c_oflag = t->c_oflag; ts->c_cflag = t->c_cflag; @@ -534,6 +542,7 @@ sunos32_sys_ioctl(struct lwp *l, const struct sunos32_sys_ioctl_args *uap, if (error != 0) return error; + memset(&ss, 0, sizeof(ss)); ss.ts_row = ws.ws_row; ss.ts_col = ws.ws_col; @@ -766,6 +775,8 @@ sunos32_sys_ioctl(struct lwp *l, const struct sunos32_sys_ioctl_args *uap, if (error) return error; + memset(&sunos_aui, 0, sizeof(sunos_aui)); + sunos_aui.play = *(struct sunos_audio_prinfo *)&aui.play; sunos_aui.record = *(struct sunos_audio_prinfo *)&aui.record; @@ -962,6 +973,9 @@ static void sunos_to_bsd_flock(struct sunos_flock *, struct flock *); static void bsd_to_sunos_flock(struct flock *iflp, struct sunos_flock *oflp) { + + memset(oflp, 0, sizeof(*oflp)); + switch (iflp->l_type) { case F_RDLCK: oflp->l_type = SUNOS_F_RDLCK; @@ -988,6 +1002,9 @@ bsd_to_sunos_flock(struct flock *iflp, struct sunos_flock *oflp) static void sunos_to_bsd_flock(struct sunos_flock *iflp, struct flock *oflp) { + + memset(oflp, 0, sizeof(*oflp)); + switch (iflp->l_type) { case SUNOS_F_RDLCK: oflp->l_type = F_RDLCK; diff --git a/sys/compat/sunos32/sunos32_misc.c b/sys/compat/sunos32/sunos32_misc.c index 74d93c0faed8..ace2ba8c1c76 100644 --- a/sys/compat/sunos32/sunos32_misc.c +++ b/sys/compat/sunos32/sunos32_misc.c @@ -161,6 +161,7 @@ sunos32_sigvec_from_sigaction( { /*XXX*/ extern void compat_43_sigset_to_sigmask(const sigset_t *, int *); + memset(sv, 0, sizeof(*sv)); NETBSD32PTR32(sv->sv_handler, sa->sa_handler); compat_43_sigset_to_sigmask(&sa->sa_mask, &sv->sv_mask); sv->sv_flags = sa->sa_flags ^ SA_RESTART; @@ -487,6 +488,7 @@ void sunos_to_native_sigset(const int, sigset_t *); inline void native_to_sunos_sigset(const sigset_t *ss, int *mask) { + *mask = ss->__bits[0]; } 
@@ -494,6 +496,7 @@ inline void sunos_to_native_sigset(const int mask, sigset_t *ss) { + memset(ss, 0, sizeof(*ss)); ss->__bits[0] = mask; ss->__bits[1] = 0; ss->__bits[2] = 0; @@ -622,6 +625,7 @@ again: off += reclen; continue; } + memset(&idb, 0, sizeof(idb)); sunos_reclen = SUNOS32_RECLEN(&idb, bdp->d_namlen); if (reclen > len || resid < sunos_reclen) { /* entry too big for buffer, so just stop */ diff --git a/sys/compat/sys/statvfs.h b/sys/compat/sys/statvfs.h index cb6ad033362c..e5e9dd3c2321 100644 --- a/sys/compat/sys/statvfs.h +++ b/sys/compat/sys/statvfs.h @@ -77,6 +77,9 @@ __BEGIN_DECLS static __inline void statvfs_to_statvfs90(const struct statvfs *s, struct statvfs90 *s90) { + + memset(s90, 0, sizeof(*s90)); + s90->f_flag = s->f_flag; s90->f_bsize = s->f_bsize; s90->f_frsize = s->f_frsize; diff --git a/sys/compat/sys/time_types.h b/sys/compat/sys/time_types.h index 10898905f33d..07245e56e628 100644 --- a/sys/compat/sys/time_types.h +++ b/sys/compat/sys/time_types.h 
@@ -72,61 +72,68 @@ struct itimerspec50 { struct timespec50 it_value; }; -static __inline void timeval50_to_timeval(const struct timeval50 *ts50, - struct timeval *ts) +static __inline void +timeval50_to_timeval(const struct timeval50 *ts50, struct timeval *ts) { + memset(ts, 0, sizeof(*ts)); ts->tv_sec = ts50->tv_sec; ts->tv_usec = (suseconds_t)ts50->tv_usec; } -static __inline void timeval_to_timeval50(const struct timeval *ts, - struct timeval50 *ts50) +static __inline void +timeval_to_timeval50(const struct timeval *ts, struct timeval50 *ts50) { + memset(ts50, 0, sizeof(*ts50)); ts50->tv_sec = (long)ts->tv_sec; ts50->tv_usec = ts->tv_usec; } -static __inline void timespec50_to_timespec(const struct timespec50 *ts50, - struct timespec *ts) +static __inline void +timespec50_to_timespec(const struct timespec50 *ts50, struct timespec *ts) { + memset(ts, 0, sizeof(*ts)); ts->tv_sec = ts50->tv_sec; ts->tv_nsec = ts50->tv_nsec; } -static __inline void timespec_to_timespec50(const struct timespec *ts, - struct timespec50 *ts50) +static __inline void +timespec_to_timespec50(const struct timespec *ts, struct timespec50 *ts50) { -#if INT32_MAX < LONG_MAX /* scrub padding */ - memset(ts50, 0, offsetof(struct timespec50, tv_nsec)); -#endif + memset(ts50, 0, sizeof(*ts50)); ts50->tv_sec = (int32_t)ts->tv_sec; ts50->tv_nsec = ts->tv_nsec; } -static __inline void itimerval50_to_itimerval(const struct itimerval50 *ts50, - struct itimerval *ts) +static __inline void +itimerval50_to_itimerval(const struct itimerval50 *ts50, struct itimerval *ts) { + memset(ts, 0, sizeof(*ts)); timeval50_to_timeval(&ts50->it_interval, &ts->it_interval); timeval50_to_timeval(&ts50->it_value, &ts->it_value); } -static __inline void itimerval_to_itimerval50(const struct itimerval *ts, - struct itimerval50 *ts50) +static __inline void +itimerval_to_itimerval50(const struct itimerval *ts, struct itimerval50 *ts50) { + memset(ts50, 0, sizeof(*ts50)); timeval_to_timeval50(&ts->it_interval, 
&ts50->it_interval); timeval_to_timeval50(&ts->it_value, &ts50->it_value); } -static __inline void itimerspec50_to_itimerspec(const struct itimerspec50 *ts50, +static __inline void +itimerspec50_to_itimerspec(const struct itimerspec50 *ts50, struct itimerspec *ts) { + memset(ts, 0, sizeof(*ts)); timespec50_to_timespec(&ts50->it_interval, &ts->it_interval); timespec50_to_timespec(&ts50->it_value, &ts->it_value); } -static __inline void itimerspec_to_itimerspec50(const struct itimerspec *ts, +static __inline void +itimerspec_to_itimerspec50(const struct itimerspec *ts, struct itimerspec50 *ts50) { + memset(ts50, 0, sizeof(*ts50)); timespec_to_timespec50(&ts->it_interval, &ts50->it_interval); timespec_to_timespec50(&ts->it_value, &ts50->it_value); } diff --git a/sys/compat/ultrix/ultrix_ioctl.c b/sys/compat/ultrix/ultrix_ioctl.c index 95faa29a0e41..9b56fe79dd81 100644 --- a/sys/compat/ultrix/ultrix_ioctl.c +++ b/sys/compat/ultrix/ultrix_ioctl.c @@ -145,6 +145,8 @@ stios2btios(struct emul_termios *st, struct termios *bt) { uint32_t l, r; + memset(bt, 0, sizeof(*bt)); + l = st->c_iflag; r = ((l & 0x00000001) ? IGNBRK : 0); r |= ((l & 0x00000002) ? BRKINT : 0); @@ -276,6 +278,8 @@ btios2stios(struct termios *bt, struct emul_termios *st) uint32_t l, r; int speed; + memset(st, 0, sizeof(*st)); + l = bt->c_iflag; r = ((l & IGNBRK) ? 0x00000001 : 0); r |= ((l & BRKINT) ? 0x00000002 : 0); @@ -419,6 +423,8 @@ btios2stios(struct termios *bt, struct emul_termios *st) static void stios2stio(struct emul_termios *ts, struct emul_termio *t) { + + memset(t, 0, sizeof(*t)); t->c_iflag = ts->c_iflag; t->c_oflag = ts->c_oflag; t->c_cflag = ts->c_cflag; @@ -433,6 +439,8 @@ stios2stio(struct emul_termios *ts, struct emul_termio *t) static void stio2stios(struct emul_termio *t, struct emul_termios *ts) { + + memset(ts, 0, sizeof(*t)); ts->c_iflag = t->c_iflag; ts->c_oflag = t->c_oflag; ts->c_cflag = t->c_cflag; 
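Review bot: The time_types.h converters lose the only explanation of why the destination is zeroed: the removed `/* scrub padding */` comment in timespec_to_timespec50() is not carried over to any of the new memset calls. Every named field is assigned immediately afterwards, so a later cleanup could mistake these calls for dead stores and remove them. I would put `/* scrub padding */` above each memset, or add one block comment before the first converter. In the itimerval and itimerspec wrappers the outer memset only matters for bytes outside `it_interval` and `it_value`, because the nested converters clear those members themselves; the comment there could say so.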
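Review bot: In stio2stios() in ultrix_ioctl.c, the added `memset(ts, 0, sizeof(*t));` clears the destination `struct emul_termios` using the size of the source `struct emul_termio`. If the two structs differ in size, the call either leaves the tail of `*ts` unscrubbed, which defeats the padding scrub, or writes past the end of `*ts`. The matching function in sunos32_ioctl.c in this same patch uses the destination size, so this line should read `memset(ts, 0, sizeof(*ts));`. The function body continues outside the hunk.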
@@ -534,6 +542,7 @@ ultrix_sys_ioctl(struct lwp *l, const struct ultrix_sys_ioctl_args *uap, if (error != 0) return error; + memset(&ss, 0, sizeof(ss)); ss.ts_row = ws.ws_row; ss.ts_col = ws.ws_col; diff --git a/sys/compat/ultrix/ultrix_misc.c b/sys/compat/ultrix/ultrix_misc.c index 6ab449ed954a..659fd552b411 100644 --- a/sys/compat/ultrix/ultrix_misc.c +++ b/sys/compat/ultrix/ultrix_misc.c @@ -628,6 +628,7 @@ ultrix_sys_sigvec(struct lwp *l, const struct ultrix_sys_sigvec_args *uap, regis if (error) return error; if (SCARG(uap, osv)) { + memset(&osv, 0, sizeof(osv)); osv.sv_handler = osa.sa_handler; osv.sv_flags = osa.sa_flags ^ SA_RESTART; osv.sv_flags &= (ULTRIX_SV_ONSTACK | ULTRIX_SV_INTERRUPT); @@ -687,6 +688,8 @@ static int ultrix_to_bsd_flock(struct ultrix_flock *ufl, struct flock *fl) { + memset(fl, 0, sizeof(*fl)); + fl->l_start = ufl->l_start; fl->l_len = ufl->l_len; fl->l_pid = ufl->l_pid; @@ -713,6 +716,8 @@ static void bsd_to_ultrix_flock(struct flock *fl, struct ultrix_flock *ufl) { + memset(ufl, 0, sizeof(*ufl)); + ufl->l_start = fl->l_start; ufl->l_len = fl->l_len; ufl->l_pid = fl->l_pid;