projects
/
firefly-linux-kernel-4.4.55.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
951842b
)
IB/hfi1: info leak in get_ctxt_info()
author
Dan Carpenter
<dan.carpenter@oracle.com>
Wed, 16 Sep 2015 06:42:25 +0000
(09:42 +0300)
committer
Doug Ledford
<dledford@redhat.com>
Fri, 18 Sep 2015 15:28:47 +0000
(11:28 -0400)
The cinfo struct has a hole after the last struct member so we need to
zero it out. Otherwise we disclose some uninitialized stack data.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Doug Ledford <dledford@redhat.com>
drivers/staging/rdma/hfi1/file_ops.c
patch
|
blob
|
history
diff --git
a/drivers/staging/rdma/hfi1/file_ops.c
b/drivers/staging/rdma/hfi1/file_ops.c
index 469861750b762a86960495c03932cb1be964b7de..2c43ca5a379ba4065eeaa06b169fde01daabfc33 100644
(file)
--- a/
drivers/staging/rdma/hfi1/file_ops.c
+++ b/
drivers/staging/rdma/hfi1/file_ops.c
@@
-1181,6
+1181,7
@@
static int get_ctxt_info(struct file *fp, void __user *ubase, __u32 len)
struct hfi1_filedata *fd = fp->private_data;
int ret = 0;
+ memset(&cinfo, 0, sizeof(cinfo));
ret = hfi1_get_base_kinfo(uctxt, &cinfo);
if (ret < 0)
goto done;