ALSA: timer: Info leak in snd_timer_user_tinterrupt()

The "r1" struct has memory holes.  We clear it with memset on one path
where it is used but not the other.  Let's just memset it at the start
of the function so it's always safe.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

diff --git a/sound/core/timer.c b/sound/core/timer.c
index 8b9e7943a83b283a8211dbcd99c70c06ab34501d..2f836ca09860e83995630de7be6546731523489a 100644 (file)
--- a/sound/core/timer.c
+++ b/sound/core/timer.c
@@ -1277,6 +1277,7 @@ static void snd_timer_user_tinterrupt(struct snd_timer_instance *timeri,
        struct timespec tstamp;
        int prev, append = 0;
 
+       memset(&r1, 0, sizeof(r1));
        memset(&tstamp, 0, sizeof(tstamp));
        spin_lock(&tu->qlock);
        if ((tu->filter & ((1 << SNDRV_TIMER_EVENT_RESOLUTION) |
@@ -1292,7 +1293,6 @@ static void snd_timer_user_tinterrupt(struct snd_timer_instance *timeri,
        }
        if ((tu->filter & (1 << SNDRV_TIMER_EVENT_RESOLUTION)) &&
            tu->last_resolution != resolution) {
-               memset(&r1, 0, sizeof(r1));
                r1.event = SNDRV_TIMER_EVENT_RESOLUTION;
                r1.tstamp = tstamp;
                r1.val = resolution;