CVS commit: [netbsd-7] src/sys/kern

Wed, 12 Dec 2018 03:36:41 -0800 

Module Name:    src
Committed By:   martin
Date:           Wed Dec 12 11:35:41 UTC 2018

Modified Files:
        src/sys/kern [netbsd-7]: sys_sig.c

Log Message:
Pull up following revision(s) (requested by maxv in ticket #1664):

        sys/kern/sys_sig.c: revision 1.47

Fix kernel info leak, 4 bytes of padding in struct _ksiginfo. Maybe we
should just set _pad to zero on LP64?

        + Possible info leak: [len=40, leaked=4]
        | #0 0xffffffff80baf397 in kleak_copyout
        | #1 0xffffffff80bda817 in sigtimedwait1
        | #2 0xffffffff80bdab95 in sys_____sigtimedwait50
        | #3 0xffffffff80259c42 in syscall


To generate a diff of this commit:
cvs rdiff -u -r1.42 -r1.42.4.1 src/sys/kern/sys_sig.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/kern/sys_sig.c
diff -u src/sys/kern/sys_sig.c:1.42 src/sys/kern/sys_sig.c:1.42.4.1
--- src/sys/kern/sys_sig.c:1.42	Fri Feb 14 16:35:11 2014
+++ src/sys/kern/sys_sig.c	Wed Dec 12 11:35:41 2018
@@ -1,4 +1,4 @@
-/*	$NetBSD: sys_sig.c,v 1.42 2014/02/14 16:35:11 christos Exp $	*/
+/*	$NetBSD: sys_sig.c,v 1.42.4.1 2018/12/12 11:35:41 martin Exp $	*/
 
 /*-
  * Copyright (c) 2006, 2007, 2008 The NetBSD Foundation, Inc.
@@ -66,7 +66,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sys_sig.c,v 1.42 2014/02/14 16:35:11 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sys_sig.c,v 1.42.4.1 2018/12/12 11:35:41 martin Exp $");
 
 #include <sys/param.h>
 #include <sys/kernel.h>
@@ -759,6 +759,8 @@ sigtimedwait1(struct lwp *l, const struc
 	 */
 	sigminusset(&sigcantmask, &l->l_sigwaitset);
 
+	memset(&ksi.ksi_info, 0, sizeof(ksi.ksi_info));
+
 	mutex_enter(p->p_lock);
 
 	/* Check for pending signals in the process, if no - then in LWP. */

Reply via email to