From: Vasiliy Kulikov <sego...@gmail.com> Structure new_line is copied to userland with some padding fields unitialized. It leads to leaking of stack memory.
Signed-off-by: Vasiliy Kulikov <sego...@gmail.com> CC: sta...@kernel.org Signed-off-by: Dominik Brodowski <li...@dominikbrodowski.net> --- drivers/char/pcmcia/synclink_cs.c | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/drivers/char/pcmcia/synclink_cs.c b/drivers/char/pcmcia/synclink_cs.c index d97a53c..be18100 100644 --- a/drivers/char/pcmcia/synclink_cs.c +++ b/drivers/char/pcmcia/synclink_cs.c @@ -4097,6 +4097,8 @@ static int hdlcdev_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd) if (cmd != SIOCWANDEV) return hdlc_ioctl(dev, ifr, cmd); + memset(&new_line, 0, size); + switch(ifr->ifr_settings.type) { case IF_GET_IFACE: /* return current sync_serial_settings */ -- 1.7.0.4 _______________________________________________ Linux PCMCIA reimplementation list http://lists.infradead.org/mailman/listinfo/linux-pcmcia