mwave: fix info leak in mwave_ioctl() · tjh.dev/kernel@026dada

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

mwave: fix info leak in mwave_ioctl()

Smatch complains that on 64 bit systems, there is a hole in the
MW_ABILITIES struct between ->component_count and ->component_list[].
It leaks stack information from the mwave_ioctl() function.

I've added a memset() to initialize the struct to zero.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Greg KH <greg@kroah.com>
Cc: Jiri Kosina <jkosina@suse.cz>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

authored by

Dan Carpenter and committed by

Linus Torvalds 12 years ago 026dadad 758a6ba3

1 changed file

expand all

drivers

char

mwave

tp3780i.c

drivers/char/mwave/tp3780i.c

··· 479 479 PRINTK_2(TRACE_TP3780I, 480 480 "tp3780i::tp3780I_QueryAbilities entry pBDData %p\n", pBDData); 481 481 482 + memset(pAbilities, 0, sizeof(*pAbilities)); 482 483 /* fill out standard constant fields */ 483 484 pAbilities->instr_per_sec = pBDData->rDspSettings.uIps; 484 485 pAbilities->data_size = pBDData->rDspSettings.uDStoreSize;