ALSA: sb16 - info leak in snd_sb_csp_ioctl()

There is a 2 byte hole after "info.func_nr" so we could leak unitialized
stack information to userspace.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Takashi Iwai <tiwai@suse.de>

diff --git a/sound/isa/sb/sb16_csp.c b/sound/isa/sb/sb16_csp.c
index c1aa21edcb653b78dc664e97e75db7bd68bbe834..48da2276683d275ece81027f44d3906b347546b5 100644 (file)
--- a/sound/isa/sb/sb16_csp.c
+++ b/sound/isa/sb/sb16_csp.c
@@ -208,6 +208,7 @@ static int snd_sb_csp_ioctl(struct snd_hwdep * hw, struct file *file, unsigned i
        switch (cmd) {
                /* get information */
        case SNDRV_SB_CSP_IOCTL_INFO:
+               memset(&info, 0, sizeof(info));
                *info.codec_name = *p->codec_name;
                info.func_nr = p->func_nr;
                info.acc_format = p->acc_format;