Re: [patch] ALSA: hdsp - info leak in snd_hdsp_hwdep_ioctl()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At Wed, 16 Oct 2013 11:44:25 +0300,
Dan Carpenter wrote:
> 
> In GCC the sizeof(hdsp_version) is 8 because there is a 2 byte hole at
> the end of the struct after ->firmware_rev.
> 
> Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

Thanks, applied.


Takashi

> 
> diff --git a/sound/pci/rme9652/hdsp.c b/sound/pci/rme9652/hdsp.c
> index 4f255df..f59a321 100644
> --- a/sound/pci/rme9652/hdsp.c
> +++ b/sound/pci/rme9652/hdsp.c
> @@ -4845,6 +4845,7 @@ static int snd_hdsp_hwdep_ioctl(struct snd_hwdep *hw, struct file *file, unsigne
>  			if ((err = hdsp_get_iobox_version(hdsp)) < 0)
>  				return err;
>  		}
> +		memset(&hdsp_version, 0, sizeof(hdsp_version));
>  		hdsp_version.io_type = hdsp->io_type;
>  		hdsp_version.firmware_rev = hdsp->firmware_rev;
>  		if ((err = copy_to_user(argp, &hdsp_version, sizeof(hdsp_version))))
> 
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux