sctp: prevent info leak in sctp_make_heartbeat()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

The "hbinfo" struct has a 4 byte hole at the end so we have to zero it
out to prevent stack information from being disclosed.

Fixes: fe59379b9ab7 ("sctp: do the basic send and recv for PLPMTUD probe")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Dan Carpenter and committed by

David S. Miller 4 years ago a34dcbfa 996af621

+1 -1

1 changed file

expand all

net

sctp

sm_make_chunk.c

+1 -1

net/sctp/sm_make_chunk.c

··· 1163 1163 const struct sctp_transport *transport, 1164 1164 __u32 probe_size) 1165 1165 { 1166 - struct sctp_sender_hb_info hbinfo; 1166 + struct sctp_sender_hb_info hbinfo = {}; 1167 1167 struct sctp_chunk *retval; 1168 1168 1169 1169 retval = sctp_make_control(asoc, SCTP_CID_HEARTBEAT, 0,