git.samba.org / sfrench / cifs-2.6.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5d2be14)
rds: fix an infoleak in rds_inc_info_copy
authorKangjie Lu <kangjielu@gmail.com>
Thu, 2 Jun 2016 08:11:20 +0000 (04:11 -0400)
committerDavid S. Miller <davem@davemloft.net>
Fri, 3 Jun 2016 04:32:37 +0000 (21:32 -0700)
The last field "flags" of object "minfo" is not initialized.
Copying this object out may leak kernel stack data.
Assign 0 to it to avoid leak.

Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
Acked-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/rds/recv.c patch | blob | history

diff --git a/net/rds/recv.c b/net/rds/recv.c
index c0be1ecd11c99ce57360687fa2b34f312c0cf0d6..8413f6c99e13519d7cbfa1ec6ce3877a0059caa7 100644 (file)
--- a/net/rds/recv.c
+++ b/net/rds/recv.c
@@ -561,5 +561,7 @@ void rds_inc_info_copy(struct rds_incoming *inc,
                minfo.fport = inc->i_hdr.h_dport;
        }
 
+       minfo.flags = 0;
+
        rds_info_copy(iter, &minfo, sizeof(minfo));
 }
Unnamed repository; edit this file 'description' to name the repository.