diff options
| author | Peilin Ye <[email protected]> | 2020-07-30 15:20:26 -0400 |
|---|---|---|
| committer | David S. Miller <[email protected]> | 2020-07-31 16:52:48 -0700 |
| commit | bbc8a99e952226c585ac17477a85ef1194501762 (patch) | |
| tree | 6e62fbfef1f8f51b488c3be4af8599b48f2cfefc /tools/perf/scripts/python/exported-sql-viewer.py | |
| parent | dc096288d579c82efbf6f82a5d895fed6e41e5a6 (diff) | |
rds: Prevent kernel-infoleak in rds_notify_queue_get()
rds_notify_queue_get() is potentially copying uninitialized kernel stack
memory to userspace since the compiler may leave a 4-byte hole at the end
of `cmsg`.
In 2016 we tried to fix this issue by doing `= { 0 };` on `cmsg`, which
unfortunately does not always initialize that 4-byte hole. Fix it by using
memset() instead.
Cc: [email protected]
Fixes: f037590fff30 ("rds: fix a leak of kernel memory")
Fixes: bdbe6fbc6a2f ("RDS: recv.c")
Suggested-by: Dan Carpenter <[email protected]>
Signed-off-by: Peilin Ye <[email protected]>
Acked-by: Santosh Shilimkar <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
Diffstat (limited to 'tools/perf/scripts/python/exported-sql-viewer.py')
0 files changed, 0 insertions, 0 deletions