* [patch] Staging: vt6655-6: potential info leak in private_ioctl()
@ 2011-09-23 6:23 Dan Carpenter
0 siblings, 0 replies; only message in thread
From: Dan Carpenter @ 2011-09-23 6:23 UTC (permalink / raw)
To: kernel-janitors
Smatch has a new check for Rosenberg type information leaks where
structs are copied to the user with uninitialized stack data in them.
In this path, the .uLinkRate member doesn't get initialized so I've
set it to zero.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
diff --git a/drivers/staging/vt6655/ioctl.c b/drivers/staging/vt6655/ioctl.c
index 8cf88c3..43964a5 100644
--- a/drivers/staging/vt6655/ioctl.c
+++ b/drivers/staging/vt6655/ioctl.c
@@ -296,6 +296,7 @@ int private_ioctl(PSDevice pDevice, struct ifreq *rq) {
}
else {
sLinkStatus.bLink = false;
+ sLinkStatus.uLinkRate = 0;
}
if (copy_to_user(pReq->data, &sLinkStatus, sizeof(SCmdLinkStatus))) {
result = -EFAULT;
diff --git a/drivers/staging/vt6656/ioctl.c b/drivers/staging/vt6656/ioctl.c
index cfe9c95..1cb9a7d 100644
--- a/drivers/staging/vt6656/ioctl.c
+++ b/drivers/staging/vt6656/ioctl.c
@@ -291,6 +291,7 @@ int private_ioctl(PSDevice pDevice, struct ifreq *rq) {
}
else {
sLinkStatus.bLink = FALSE;
+ sLinkStatus.uLinkRate = 0;
}
if (copy_to_user(pReq->data, &sLinkStatus, sizeof(SCmdLinkStatus))) {
result = -EFAULT;
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2011-09-23 6:23 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-09-23 6:23 [patch] Staging: vt6655-6: potential info leak in private_ioctl() Dan Carpenter
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.