Author: emaste
Date: Wed Apr 4 14:41:48 2018
New Revision: 332034
URL: https://svnweb.freebsd.org/changeset/base/332034
Log:
linux_ioctl_hdio: fix kernel memory disclosure
Stack-allocated struct linux_hd_big_geometry has undeclared padding
copied to userland.
admbugs: 765
Reported by: Vlad Tsyrklevich
MFC after: 1 day
Security: Kernel memory disclosure
Sponsored by: The FreeBSD Foundation
Modified:
head/sys/compat/linux/linux_ioctl.c
Modified: head/sys/compat/linux/linux_ioctl.c
==============================================================================
--- head/sys/compat/linux/linux_ioctl.c Wed Apr 4 14:31:56 2018
(r332033)
+++ head/sys/compat/linux/linux_ioctl.c Wed Apr 4 14:41:48 2018
(r332034)
@@ -253,6 +253,7 @@ linux_ioctl_hdio(struct thread *td, struct linux_ioctl
} else if ((args->cmd & 0xffff) == LINUX_HDIO_GET_GEO_BIG) {
struct linux_hd_big_geometry hdbg;
+ memset(&hdbg, 0, sizeof(hdbg));
hdbg.cylinders = fwcylinders;
hdbg.heads = fwheads;
hdbg.sectors = fwsectors;
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
