From: Heinrich Schuchardt Date: Sun, 21 Aug 2016 17:56:19 +0000 (+0200) Subject: drm: avoid exposing kernel stack in compat_drm_getstats X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=ec913f31a570b57e72e69b4122de70a6b2ef760f;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git drm: avoid exposing kernel stack in compat_drm_getstats The C standard does not specify the size of the integer used to store an enum. Hence in structure drm_stats32_t alignment bytes may exist. To avoid exposing bytes from the kernel stack it is necessary to initialize variable s32 completely. Signed-off-by: Heinrich Schuchardt Signed-off-by: Daniel Vetter Link: http://patchwork.freedesktop.org/patch/msgid/1471802179-2886-1-git-send-email-xypron.glpk@gmx.de --- diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c index 57676f8d7ecf..32a489b0faff 100644 --- a/drivers/gpu/drm/drm_ioc32.c +++ b/drivers/gpu/drm/drm_ioc32.c @@ -346,6 +346,7 @@ static int compat_drm_getstats(struct file *file, unsigned int cmd, struct drm_stats __user *stats; int i, err; + memset(&s32, 0, sizeof(drm_stats32_t)); stats = compat_alloc_user_space(sizeof(*stats)); if (!stats) return -EFAULT;