Commit f720d7df993b2cd62c723f1803bc8330871d478f
Exists in
ti-lsk-linux-4.1.y
and in
10 other branches
Merge tag 'firewire-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394
Pull firewire fix from Stefan Richter: "IEEE 1394 (FireWire) subsystem fix: The character device file interface for raw 1394 I/O took uninitialized kernel stack as substitute for missing ioctl() argument data. This could partially show up in subsequent read() output" * tag 'firewire-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394: firewire: cdev: prevent kernel stack leaking into ioctl arguments
Showing 1 changed file Side-by-side Diff
drivers/firewire/core-cdev.c
... | ... | @@ -1637,8 +1637,7 @@ |
1637 | 1637 | _IOC_SIZE(cmd) > sizeof(buffer)) |
1638 | 1638 | return -ENOTTY; |
1639 | 1639 | |
1640 | - if (_IOC_DIR(cmd) == _IOC_READ) | |
1641 | - memset(&buffer, 0, _IOC_SIZE(cmd)); | |
1640 | + memset(&buffer, 0, sizeof(buffer)); | |
1642 | 1641 | |
1643 | 1642 | if (_IOC_DIR(cmd) & _IOC_WRITE) |
1644 | 1643 | if (copy_from_user(&buffer, arg, _IOC_SIZE(cmd))) |