> -----Original Message----- > From: Colin King [mailto:[email protected]] > Sent: Monday, May 15, 2017 8:56 AM > To: Raghava Aditya Renukunta <[email protected]>; > dl-esc-Aacraid Linux Driver <[email protected]>; James E . J . Bottomley > <[email protected]>; Martin K . Petersen > <[email protected]>; [email protected] > Cc: [email protected]; [email protected] > Subject: [PATCH] scsi: aacraid: fix leak of data from stack back to userspace > > From: Colin Ian King <[email protected]> > > The fields sense_data_size and sense_data are unitialized garbage from the > stack and are being copied back to userspace. Fix this leak of stack > information > by ensuring they are zero'd. > > Detected by CoverityScan, CID#1435473 ("Uninitialized scalar variable") > > Fixes: 423400e64d377 ("scsi: aacraid: Include HBA direct interface") > Signed-off-by: Colin Ian King <[email protected]> > --- > drivers/scsi/aacraid/commctrl.c | 2 ++ > 1 file changed, 2 insertions(+) > Acked-by: Dave Carroll <[email protected]>
