rpms / kernel

Clone
Source Code
GIT

Blame net-fix-infoleak-in-rtnetlink.patch

26 Label_NFS f10 f11 f12 f12-user-myoung-xendom0 f13 f13-2.6.33-master f13-user-steved-pnfs-13 f14 f14-user-kyle-bz664206 f14-user-kyle-f14-2.6.37 f14-user-lkundrak-vaio-brightness-645937 f14-user-steved-pnfs-f14 f15 f15-2.6.39 f15-30-going-on-40 f15-user-steved-pnfs-f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f25-pf f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 main oneoffs private-jcm-arm-nosmp-kallsyms private-jcm-arm-nosmp-kallsyms-f17 private-nhorman-sgx-v15 rawhide rhbz_1205083 stabilization talos user/steved/f19-lnfs-v3.8 user/steved/f19-lnfs-v3.8-rc7
  1.   399e5b04d1141ca4db56714a45511868de141cd2
  2.   net-fix-infoleak-in-rtnetlink.patch
Blob History Raw
55e4593 
From 55a8a812d867ec9953bde7d86eef255a1abbf93e Mon Sep 17 00:00:00 2001
55e4593 
From: Kangjie Lu <kangjielu@gmail.com>
55e4593 
Date: Tue, 3 May 2016 16:46:24 -0400
55e4593 
Subject: [PATCH 1/2] net: fix infoleak in rtnetlink
55e4593 
MIME-Version: 1.0
55e4593 
Content-Type: text/plain; charset=UTF-8
55e4593 
Content-Transfer-Encoding: 8bit
55e4593
55e4593 
The stack object “map” has a total size of 32 bytes. Its last 4
55e4593 
bytes are padding generated by compiler. These padding bytes are
55e4593 
not initialized and sent out via “nla_put”.
55e4593
55e4593 
Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
55e4593 
Signed-off-by: David S. Miller <davem@davemloft.net>
55e4593 
---
55e4593 
 net/core/rtnetlink.c | 18 ++++++++++--------
55e4593 
 1 file changed, 10 insertions(+), 8 deletions(-)
55e4593
55e4593 
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
55e4593 
index a75f7e94b445..65763c29f845 100644
55e4593 
--- a/net/core/rtnetlink.c
55e4593 
+++ b/net/core/rtnetlink.c
55e4593 
@@ -1180,14 +1180,16 @@ static noinline_for_stack int rtnl_fill_vfinfo(struct sk_buff *skb,
55e4593
55e4593 
 static int rtnl_fill_link_ifmap(struct sk_buff *skb, struct net_device *dev)
55e4593 
 {
55e4593 
-	struct rtnl_link_ifmap map = {
55e4593 
-		.mem_start   = dev->mem_start,
55e4593 
-		.mem_end     = dev->mem_end,
55e4593 
-		.base_addr   = dev->base_addr,
55e4593 
-		.irq         = dev->irq,
55e4593 
-		.dma         = dev->dma,
55e4593 
-		.port        = dev->if_port,
55e4593 
-	};
55e4593 
+	struct rtnl_link_ifmap map;
55e4593 
+
55e4593 
+	memset(&map, 0, sizeof(map));
55e4593 
+	map.mem_start   = dev->mem_start;
55e4593 
+	map.mem_end     = dev->mem_end;
55e4593 
+	map.base_addr   = dev->base_addr;
55e4593 
+	map.irq         = dev->irq;
55e4593 
+	map.dma         = dev->dma;
55e4593 
+	map.port        = dev->if_port;
55e4593 
+
55e4593 
 	if (nla_put(skb, IFLA_MAP, sizeof(map), &map))
55e4593 
 		return -EMSGSIZE;
55e4593
55e4593 
--
55e4593 
2.5.5
55e4593
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.