unix: If we happen to find peer NULL when diag dumping, write zero.
authorDavid S. Miller <davem@davemloft.net>
Mon, 26 Dec 2011 19:41:55 +0000 (14:41 -0500)
committerDavid S. Miller <davem@davemloft.net>
Mon, 26 Dec 2011 19:41:55 +0000 (14:41 -0500)
Otherwise we leave uninitialized kernel memory in there.

Reported-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/unix/diag.c

index 39e44c98176a71b5f85110fb4eebc47f9ff2826a..c5bdbcb1c30b1dde9b8fc2b7caca45dc02effaa2 100644 (file)
@@ -86,8 +86,7 @@ static int sk_diag_dump_icons(struct sock *sk, struct sk_buff *nlskb)
                         */
                        unix_state_lock_nested(req);
                        peer = unix_sk(req)->peer;
-                       if (peer)
-                               buf[i++] = sock_i_ino(peer);
+                       buf[i++] = (peer ? sock_i_ino(peer) : 0);
                        unix_state_unlock(req);
                }
                spin_unlock(&sk->sk_receive_queue.lock);
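Review bot: The new line `buf[i++] = (peer ? sock_i_ino(peer) : 0);` has no comment explaining why a slot is written even when peer is NULL, so a later cleanup could restore the `if (peer)` form and bring back the uninitialized-memory disclosure the commit message describes. I would add above it `/* Always fill the slot: buf is part of the netlink reply; 0 means no peer. */`. The fix also relies on the loop writing exactly as many entries as were reserved for buf, which is set up outside this hunk. If that count is sampled before the receive-queue lock is taken and fewer requests are queued by the time the loop runs, the trailing slots would presumably still go out uninitialized, so it is worth confirming or zeroing the reservation up front. sk_diag_dump_icons begins and ends outside the hunk.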