CVS commit: [netbsd-7-1] src/sys/kern

Wed, 21 Nov 2018 04:13:43 -0800 

Module Name:    src
Committed By:   martin
Date:           Wed Nov 21 12:13:08 UTC 2018

Modified Files:
        src/sys/kern [netbsd-7-1]: kern_event.c

Log Message:
Pull up following revision(s) (requested by maxv in ticket #1653):

        sys/kern/kern_event.c: revision 1.104

Fix kernel info leak. There are 4 bytes of padding in struct kevent.
[  287.537676] kleak: Possible leak in copyout: [len=40, leaked=4]
[  287.537676] #0 0xffffffff80b7c41a in kleak_note <netbsd>
[  287.547673] #1 0xffffffff80b7c49a in kleak_copyout <netbsd>
[  287.557677] #2 0xffffffff80b1d32d in kqueue_scan.isra.1.constprop.2 <netbsd>
[  287.557677] #3 0xffffffff80b1dc6a in kevent1 <netbsd>
[  287.567683] #4 0xffffffff80b1dcb0 in sys___kevent50 <netbsd>
[  287.567683] #5 0xffffffff8025ab3c in sy_call <netbsd>
[  287.577688] #6 0xffffffff8025ad6e in sy_invoke <netbsd>
[  287.587693] #7 0xffffffff8025adf4 in syscall <netbsd>


To generate a diff of this commit:
cvs rdiff -u -r1.80.2.1.6.1 -r1.80.2.1.6.2 src/sys/kern/kern_event.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/kern/kern_event.c
diff -u src/sys/kern/kern_event.c:1.80.2.1.6.1 src/sys/kern/kern_event.c:1.80.2.1.6.2
--- src/sys/kern/kern_event.c:1.80.2.1.6.1	Sat Jul  8 16:52:27 2017
+++ src/sys/kern/kern_event.c	Wed Nov 21 12:13:08 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: kern_event.c,v 1.80.2.1.6.1 2017/07/08 16:52:27 snj Exp $	*/
+/*	$NetBSD: kern_event.c,v 1.80.2.1.6.2 2018/11/21 12:13:08 martin Exp $	*/
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -58,7 +58,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_event.c,v 1.80.2.1.6.1 2017/07/08 16:52:27 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_event.c,v 1.80.2.1.6.2 2018/11/21 12:13:08 martin Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -584,6 +584,7 @@ filt_proc(struct knote *kn, long hint)
 		 * event with the parent's pid.  Register knote with new
 		 * process.
 		 */
+		memset(&kev, 0, sizeof(kev));
 		kev.ident = hint & NOTE_PDATAMASK;	/* pid */
 		kev.filter = kn->kn_filter;
 		kev.flags = kn->kn_flags | EV_ADD | EV_ENABLE | EV_FLAG1;

Reply via email to