diff options
| author | Kangjie Lu <kangjielu@gmail.com> | 2016-06-02 04:11:20 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2016-09-11 09:59:58 +0200 |
| commit | d57906c6850c5bb9a93841da3deb6df53135d133 (patch) | |
| tree | 06d80a20462ff6be50e38cc4eb1d653dba2d6807 | |
| parent | f842188c4f4f63a5b6fb59f45ac121162c0ab4c4 (diff) | |
| download | linux-stable-d57906c6850c5bb9a93841da3deb6df53135d133.tar.gz linux-stable-d57906c6850c5bb9a93841da3deb6df53135d133.tar.bz2 linux-stable-d57906c6850c5bb9a93841da3deb6df53135d133.zip | |
rds: fix an infoleak in rds_inc_info_copy
commit 4116def2337991b39919f3b448326e21c40e0dbb upstream.
The last field "flags" of object "minfo" is not initialized.
Copying this object out may leak kernel stack data.
Assign 0 to it to avoid leak.
Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
Acked-by: Santosh Shilimkar <santosh.shilimkar@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Juerg Haefliger <juerg.haefliger@hpe.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | net/rds/recv.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/net/rds/recv.c b/net/rds/recv.c index bd82522534fc..f6839107d020 100644 --- a/net/rds/recv.c +++ b/net/rds/recv.c @@ -543,5 +543,7 @@ void rds_inc_info_copy(struct rds_incoming *inc, minfo.fport = inc->i_hdr.h_dport; } + minfo.flags = 0; + rds_info_copy(iter, &minfo, sizeof(minfo)); } |