linux

Ed Maste Thu, 05 Apr 2018 05:51:21 -0700

Author: emaste
Date: Thu Apr  5 12:50:47 2018
New Revision: 332063
URL: https://svnweb.freebsd.org/changeset/base/332063


Log:
  MFC r332034: linux_ioctl_hdio: fix kernel memory disclosure
  
  Stack-allocated struct linux_hd_big_geometry has undeclared padding
  copied to userland.
  
  admbugs:      765
  Reported by:  Vlad Tsyrklevich
  Security:     Kernel memory disclosure
  Sponsored by: The FreeBSD Foundation

Modified:
  stable/10/sys/compat/linux/linux_ioctl.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/compat/linux/linux_ioctl.c
==============================================================================
--- stable/10/sys/compat/linux/linux_ioctl.c    Thu Apr  5 12:48:58 2018        
(r332062)
+++ stable/10/sys/compat/linux/linux_ioctl.c    Thu Apr  5 12:50:47 2018        
(r332063)
@@ -246,6 +246,7 @@ linux_ioctl_hdio(struct thread *td, struct linux_ioctl
                } else if ((args->cmd & 0xffff) == LINUX_HDIO_GET_GEO_BIG) {
                        struct linux_hd_big_geometry hdbg;
 
+                       memset(&hdbg, 0, sizeof(hdbg));
                        hdbg.cylinders = fwcylinders;
                        hdbg.heads = fwheads;
                        hdbg.sectors = fwsectors;
_______________________________________________
svn-src-stable-10@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"

svn commit: r332063 - stable/10/sys/compat/linux

Reply via email to