Smatch has a new check for Rosenberg type information leaks where
structs are copied to the user with uninitialized stack data in them.
The issue here is that struct input_event_compat has a hole in it.
struct input_event_compat {
struct compat_timeval {
} time; /* 0 0 */
/* XXX 8 bytes hole, try to pack */
short unsigned int type; /* 8 2 */
Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>
diff --git a/drivers/input/input-compat.c b/drivers/input/input-compat.c
index e46a867..007850a 100644
--- a/drivers/input/input-compat.c
+++ b/drivers/input/input-compat.c
@@ -44,6 +44,8 @@ int input_event_to_user(char __user *buffer,
if (INPUT_COMPAT_TEST) {
struct input_event_compat compat_event;
+ memset(&compat_event, 0, sizeof(compat_event));
+
compat_event.time.tv_sec = event->time.tv_sec;
compat_event.time.tv_usec = event->time.tv_usec;
compat_event.type = event->type;
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
