From: Dan Carpenter Date: Wed, 16 Sep 2015 06:42:25 +0000 (+0300) Subject: IB/hfi1: info leak in get_ctxt_info() X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=ebe6b2e8bc2cd06a330b3f9be8a4fa3ff44ab026;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git IB/hfi1: info leak in get_ctxt_info() The cinfo struct has a hole after the last struct member so we need to zero it out. Otherwise we disclose some uninitialized stack data. Signed-off-by: Dan Carpenter Signed-off-by: Doug Ledford --- diff --git a/drivers/staging/rdma/hfi1/file_ops.c b/drivers/staging/rdma/hfi1/file_ops.c index 469861750b76..2c43ca5a379b 100644 --- a/drivers/staging/rdma/hfi1/file_ops.c +++ b/drivers/staging/rdma/hfi1/file_ops.c @@ -1181,6 +1181,7 @@ static int get_ctxt_info(struct file *fp, void __user *ubase, __u32 len) struct hfi1_filedata *fd = fp->private_data; int ret = 0; + memset(&cinfo, 0, sizeof(cinfo)); ret = hfi1_get_base_kinfo(uctxt, &cinfo); if (ret < 0) goto done;