Looks fine to me - will merge into cifs-2.6.git On Tue, Jan 6, 2015 at 3:37 PM, Giel van Schijndel <me@xxxxxxxxx> wrote: > When leaving a function use memzero_explicit instead of memset(0) to > clear stack allocated buffers. memset(0) may be optimized away. > > This particular buffer is highly likely to contain sensitive data which > we shouldn't leak (it's named 'passwd' after all). > > Signed-off-by: Giel van Schijndel <me@xxxxxxxxx> > Reported-at: http://www.viva64.com/en/b/0299/ > Reported-by: Andrey Karpov > Reported-by: Svyatoslav Razmyslov > --- > fs/cifs/smbencrypt.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c > index 6c15663..a4232ec 100644 > --- a/fs/cifs/smbencrypt.c > +++ b/fs/cifs/smbencrypt.c > @@ -221,7 +221,7 @@ E_md4hash(const unsigned char *passwd, unsigned char *p16, > } > > rc = mdfour(p16, (unsigned char *) wpwd, len * sizeof(__le16)); > - memset(wpwd, 0, 129 * sizeof(__le16)); > + memzero_explicit(wpwd, sizeof(wpwd)); > > return rc; > } > -- > 2.1.4 > -- Thanks, Steve -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
