DragonFlyBSD Kernel Audit
DF-0102

Uninitialized payload fields (ktr_sysret.ktr_eosys, ktr_syscall padding) written to trace file

Summary

ktrsysret(): struct ktr_sysret ktp is a stack variable (kern_ktrace.c:143). Only ktr_code, ktr_error and ktr_retval are assigned (:148-153); ktr_eosys (ktrace.h:127) is never assigned anywhere in the tree. ktr_len is nevertheless set to sizeof(struct ktr_sysret) (:156), so the 2 uninitialized bytes of ktr_eosys are written into every sysret record.

ktrsyscall(): struct ktr_syscall has 4 bytes of compiler padding between ktr_narg (offset 2) and the 8-byte-aligned ktr_args[0] (offset 8); bytes 4-7 of the record are never written. The record is built either in the uninitialized stack buffer ktp_cache (:114) or in a kmalloc() allocation made without M_ZERO (:96), and ktr_len = offsetof(struct ktr_syscall, ktr_args[narg]) (:94) always covers the padding, so those 4 bytes of stale kernel stack or heap memory go into every syscall record.

Impact: a process that enables KTRFAC_SYSCALL|KTRFAC_SYSRET on itself and then reads its own trace file obtains stale kernel memory, 4 bytes per syscall record and 2 bytes per sysret record, and each traced system call produces another sample.

Fix: memset() the payload struct before filling its fields, and pass M_ZERO to the kmalloc() in ktrsyscall().
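The two record layouts and the two construction paths, as an added userland model (this is not code from the audit or from the DragonFly tree). The struct definitions are reconstructed from the offsets given above, STALE is a sentinel standing in for whatever the kernel stack or heap happened to contain, sample_args is constructed input, and build_sysret()/build_syscall() are hypothetical helpers that count how many emitted bytes escape initialization with and without the proposed memset/M_ZERO fix.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Userland model of the two ktrace payload structs (layout reconstructed
 * from the summary, not copied from the tree). register_t is 8 bytes on
 * x86_64 DragonFly; a local typedef avoids clashing with libc's register_t.
 */
typedef int64_t ktr_reg_t;

struct ktr_syscall {
	short     ktr_code;     /* offset 0 */
	short     ktr_narg;     /* offset 2 */
	/* bytes 4..7: compiler padding so ktr_args is 8-byte aligned */
	ktr_reg_t ktr_args[1];  /* offset 8; really ktr_narg entries */
};

struct ktr_sysret {
	short     ktr_code;     /* offset 0 */
	short     ktr_eosys;    /* offset 2; never assigned by the kernel */
	int       ktr_error;    /* offset 4 */
	ktr_reg_t ktr_retval;   /* offset 8 */
};

#define STALE    0xAA   /* sentinel for leftover stack/heap contents */
#define MAX_ARGS 8

/* Constructed sample syscall arguments for the demonstration below. */
const ktr_reg_t sample_args[3] = { 1, 2, 3 };

/* ktr_len as ktrsyscall() computes it: offsetof(ktr_args[narg]). */
size_t ktr_syscall_len(int narg)
{
	return offsetof(struct ktr_syscall, ktr_args) +
	       (size_t)narg * sizeof(ktr_reg_t);
}

static size_t count_stale(const unsigned char *p, size_t len)
{
	size_t n = 0;
	for (size_t i = 0; i < len; i++)
		if (p[i] == STALE)
			n++;
	return n;
}

/*
 * Build a ktr_sysret record the vulnerable way (assign three fields, emit
 * sizeof(struct)) or the fixed way (memset first). Returns how many of the
 * emitted bytes still hold the stale sentinel: 2 (ktr_eosys) vs 0.
 */
size_t build_sysret(int zero_first, short code, int error, ktr_reg_t retval)
{
	union { struct ktr_sysret s; unsigned char raw[sizeof(struct ktr_sysret)]; } u;

	memset(u.raw, STALE, sizeof(u.raw));   /* stale stack contents */
	if (zero_first)
		memset(&u.s, 0, sizeof(u.s));  /* the fix */
	u.s.ktr_code = code;
	u.s.ktr_error = error;
	u.s.ktr_retval = retval;               /* ktr_eosys left untouched */
	return count_stale(u.raw, sizeof(u.raw));
}

/*
 * Same for a ktr_syscall record with narg arguments. Models both the
 * ktp_cache stack path and the kmalloc path: in either, bytes 4..7 are
 * never written unless the buffer is zeroed (memset or M_ZERO) first.
 * Returns 4 for the vulnerable path, 0 for the fixed one, (size_t)-1 on
 * a narg outside the model's buffer.
 */
size_t build_syscall(int zero_first, short code, int narg, const ktr_reg_t *args)
{
	union {
		struct ktr_syscall s;
		unsigned char raw[offsetof(struct ktr_syscall, ktr_args) +
		                  MAX_ARGS * sizeof(ktr_reg_t)];
	} u;
	size_t len;

	if (narg < 0 || narg > MAX_ARGS)
		return (size_t)-1;
	len = ktr_syscall_len(narg);
	memset(u.raw, STALE, sizeof(u.raw));   /* stale stack/heap contents */
	if (zero_first)
		memset(u.raw, 0, len);         /* the fix */
	u.s.ktr_code = code;
	u.s.ktr_narg = (short)narg;
	memcpy(u.raw + offsetof(struct ktr_syscall, ktr_args), args,
	       (size_t)narg * sizeof(ktr_reg_t));
	return count_stale(u.raw, len);
}

int main(void)
{
	printf("ktr_sysret: size %zu, ktr_eosys at %zu; stale bytes vuln=%zu fixed=%zu\n",
	       sizeof(struct ktr_sysret), offsetof(struct ktr_sysret, ktr_eosys),
	       build_sysret(0, 4, 0, 1), build_sysret(1, 4, 0, 1));
	printf("ktr_syscall: ktr_args at %zu, len(narg=3)=%zu; stale bytes vuln=%zu fixed=%zu\n",
	       offsetof(struct ktr_syscall, ktr_args), ktr_syscall_len(3),
	       build_syscall(0, 4, 3, sample_args), build_syscall(1, 4, 3, sample_args));
	return 0;
}
```

The poisoning with STALE only makes the leak deterministic for the demonstration; in the kernel the bytes are whatever the previous stack frame or heap user left behind, which is what makes the trace file a readable sample of kernel memory.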