From ec913f31a570b57e72e69b4122de70a6b2ef760f Mon Sep 17 00:00:00 2001 From: Heinrich Schuchardt Date: Sun, 21 Aug 2016 19:56:19 +0200 Subject: [PATCH] drm: avoid exposing kernel stack in compat_drm_getstats The C standard does not specify the size of the integer used to store an enum. Hence in structure drm_stats32_t alignment bytes may exist. To avoid exposing bytes from the kernel stack it is necessary to initialize variable s32 completely. Signed-off-by: Heinrich Schuchardt Signed-off-by: Daniel Vetter Link: http://patchwork.freedesktop.org/patch/msgid/1471802179-2886-1-git-send-email-xypron.glpk@gmx.de --- drivers/gpu/drm/drm_ioc32.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c index 57676f8d7ecf..32a489b0faff 100644 --- a/drivers/gpu/drm/drm_ioc32.c +++ b/drivers/gpu/drm/drm_ioc32.c @@ -346,6 +346,7 @@ static int compat_drm_getstats(struct file *file, unsigned int cmd, struct drm_stats __user *stats; int i, err; + memset(&s32, 0, sizeof(drm_stats32_t)); stats = compat_alloc_user_space(sizeof(*stats)); if (!stats) return -EFAULT; -- 2.20.1