Re: [ 030/143] proc connector: fix info leaks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12 May 2014 02:32, Willy Tarreau <w@xxxxxx> wrote:
> 2.6.32-longterm review patch.  If anyone has any objections, please let me know.
>
> ------------------
>
> From: Mathias Krause <minipli@xxxxxxxxxxxxxx>
>
> [ Upstream commit e727ca82e0e9616ab4844301e6bae60ca7327682 ]
>
> Initialize event_data for all possible message types to prevent leaking
> kernel stack contents to userland (up to 20 bytes). Also set the flags
> member of the connector message to 0 to prevent leaking two more stack
> bytes this way.
>
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Mathias Krause <minipli@xxxxxxxxxxxxxx>
> Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
> Signed-off-by: Willy Tarreau <w@xxxxxx>
> ---
>  drivers/connector/cn_proc.c | 16 ++++++++++++++++
>  1 file changed, 16 insertions(+)
>
> diff --git a/drivers/connector/cn_proc.c b/drivers/connector/cn_proc.c
> index 6069790..3a2587a 100644
> --- a/drivers/connector/cn_proc.c
> +++ b/drivers/connector/cn_proc.c
> [...]
>  module_init(cn_proc_init);
> +       memset(&ev->event_data, 0, sizeof(ev->event_data));
> +       msg->flags = 0; /* not used */

That last hunk looks bogus. Probably the source of Christoph's compile error.

Mathias
--
To unsubscribe from this list: send the line "unsubscribe stable" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]