From: Eugene Teo Date: Mon, 23 Feb 2009 23:38:41 +0000 (-0800) Subject: net: amend the fix for SO_BSDCOMPAT gsopt infoleak X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=50fee1dec5d71b8a14c1b82f2f42e16adc227f8b;p=GitHub%2FLineageOS%2Fandroid_kernel_samsung_universal7580.git net: amend the fix for SO_BSDCOMPAT gsopt infoleak The fix for CVE-2009-0676 (upstream commit df0bca04) is incomplete. Note that the same problem of leaking kernel memory will reappear if someone on some architecture uses struct timeval with some internal padding (for example tv_sec 64-bit and tv_usec 32-bit) --- then, you are going to leak the padded bytes to userspace. Signed-off-by: Eugene Teo Reported-by: Mikulas Patocka Signed-off-by: David S. Miller --- diff --git a/net/core/sock.c b/net/core/sock.c index 6e4f14d1ef8..5f97caa158e 100644 --- a/net/core/sock.c +++ b/net/core/sock.c @@ -696,7 +696,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname, if (len < 0) return -EINVAL; - v.val = 0; + memset(&v, 0, sizeof(v)); switch(optname) { case SO_DEBUG: