From: Minghao Chi (CGEL ZTE) <chi.minghao@xxxxxxxxxx> Use memset to initialize structs to preventing infoleaks in sctp_auth_chunk_verify Reported-by: Zeal Robot <zealci@xxxxxxxxxx> Signed-off-by: Minghao Chi (CGEL ZTE) <chi.minghao@xxxxxxxxxx> --- net/sctp/sm_statefuns.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/sctp/sm_statefuns.c b/net/sctp/sm_statefuns.c index cc544a97c4af..7ff16d12e0c5 100644 --- a/net/sctp/sm_statefuns.c +++ b/net/sctp/sm_statefuns.c @@ -652,6 +652,7 @@ static bool sctp_auth_chunk_verify(struct net *net, struct sctp_chunk *chunk, return false; /* set-up our fake chunk so that we can process it */ + memset(&auth, 0x0, sizeof(auth)); auth.skb = chunk->auth_chunk; auth.asoc = chunk->asoc; auth.sctp_hdr = chunk->sctp_hdr; -- 2.25.1
