> Looks like a bug to me too - well spotted :(.
>
> > We wanted to get your thoughts on if you feel this is actually a bug, or if we
> > overlooked something.
> > We're proposing to fix this issue by memsetting the entire structure to zero
> > before calling the conversion routine; if you agree that that's a valid
> > approach, I'm happy to submit an official patch.
>
> Go for it.
> I'd zero the padding in the conversion routine myself, but zeroing the whole
> struct in the same routine as the copy_to_user(), as you suggest, would more
> clearly demonstrate that it isn't leaking stack.

Sounds good. I'll send out the patch shortly.

Do you think I should CC: security@xxxxxxxxxx on the patch?

Thanks.
-Gabe
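Added example (written for this edit, not code from the thread or from the driver under discussion) of the bug class the thread is about: a struct with compiler padding is filled field by field and then copied out whole, so the padding bytes carry whatever the stack slot previously held; zeroing the entire struct before filling it, as proposed above, removes the leak. The struct layout, the function names and the memcpy stand-in for copy_to_user() are assumptions made so the demo runs in userspace.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example struct (not the structure from the thread): a 1-byte
 * field followed by a 4-byte field leaves 3 bytes of padding after 'flag',
 * and the 2-byte 'count' leaves 2 bytes of trailing padding, so on common
 * ABIs sizeof(struct demo_compat) == 12 with 5 padding bytes. */
struct demo_compat {
    uint8_t  flag;   /* offset 0; bytes 1..3 are padding */
    uint32_t value;  /* offset 4 */
    uint16_t count;  /* offset 8; bytes 10..11 are padding */
};

/* Stand-in for copy_to_user(): here the "user buffer" is a plain byte array. */
static void fake_copy_to_user(unsigned char *user_dst, const void *kernel_src, size_t n)
{
    memcpy(user_dst, kernel_src, n);
}

/* Leaky conversion: only the named fields are written, so the padding bytes
 * keep whatever the stack slot previously held. */
static void convert_leaky(struct demo_compat *out, uint8_t flag, uint32_t value, uint16_t count)
{
    out->flag = flag;
    out->value = value;
    out->count = count;
}

/* Fixed conversion: zero the whole struct first, as proposed in the thread. */
static void convert_fixed(struct demo_compat *out, uint8_t flag, uint32_t value, uint16_t count)
{
    memset(out, 0, sizeof(*out));
    out->flag = flag;
    out->value = value;
    out->count = count;
}

/* True if byte offset i lies outside every named field, i.e. is padding. */
static int is_padding_byte(size_t i)
{
    if (i >= offsetof(struct demo_compat, flag) &&
        i <  offsetof(struct demo_compat, flag) + sizeof(uint8_t))
        return 0;
    if (i >= offsetof(struct demo_compat, value) &&
        i <  offsetof(struct demo_compat, value) + sizeof(uint32_t))
        return 0;
    if (i >= offsetof(struct demo_compat, count) &&
        i <  offsetof(struct demo_compat, count) + sizeof(uint16_t))
        return 0;
    return 1;
}

/* Runs one conversion and returns how many padding bytes in the "user" copy
 * still hold the stale 0xAA marker. The union models a kernel stack slot that
 * previously held other data (filled with 0xAA so stale bytes are visible). */
static size_t stale_padding_bytes(int use_fix)
{
    union {
        struct demo_compat s;
        unsigned char bytes[sizeof(struct demo_compat)];
    } slot;
    unsigned char user_buf[sizeof(struct demo_compat)];
    size_t i, stale = 0;

    memset(slot.bytes, 0xAA, sizeof(slot.bytes));
    if (use_fix)
        convert_fixed(&slot.s, 1, 0x11223344u, 7);
    else
        convert_leaky(&slot.s, 1, 0x11223344u, 7);
    fake_copy_to_user(user_buf, &slot.s, sizeof(user_buf));

    for (i = 0; i < sizeof(user_buf); i++)
        if (is_padding_byte(i) && user_buf[i] == 0xAA)
            stale++;
    return stale;
}

int main(void)
{
    printf("leaky: %zu stale padding bytes copied to user\n", stale_padding_bytes(0));
    printf("fixed: %zu stale padding bytes copied to user\n", stale_padding_bytes(1));
    return 0;
}
```

The same check is what a reviewer can apply to any compat conversion helper: if the struct has padding (compare sizeof against the sum of the field sizes, or inspect it with pahole) and the helper does not zero the object before the field assignments, the copy_to_user() carries stack contents out.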