net: amend the fix for SO_BSDCOMPAT gsopt infoleak · 50fee1dec5 - Gogs

net: amend the fix for SO_BSDCOMPAT gsopt infoleak

The fix for CVE-2009-0676 (upstream commit df0bca04) is incomplete. Note
that the same problem of leaking kernel memory will reappear if someone
on some architecture uses struct timeval with some internal padding (for
example tv_sec 64-bit and tv_usec 32-bit) --- then, you are going to
leak the padded bytes to userspace.

Signed-off-by: Eugene Teo <eugeneteo@kernel.sg>
Reported-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Eugene Teo 16 年之前

父节点

ebe47d47b7

当前提交

50fee1dec5

共有 1 个文件被更改，包括 1 次插入 和 1 次删除

分列视图显示文件统计

						
							+ 1
							
							- 1
						
net/core/sock.c
							 
								查看文件
							
				@@ -696,7 +696,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname,
			
				 	if (len < 0)
			
				 		return -EINVAL;
			
				-	v.val = 0;
			
				+	memset(&v, 0, sizeof(v));
			
				 	switch(optname) {
			
				 	case SO_DEBUG: