Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

rtnl: fix info leak on RTM_GETLINK request for VF devices

Initialize the mac address buffer with 0 as the driver specific function
will probably not fill the whole buffer. In fact, all in-kernel drivers
fill only ETH_ALEN of the MAX_ADDR_LEN bytes, i.e. 6 of the 32 possible
bytes. Therefore we currently leak 26 bytes of stack memory to userland
via the netlink interface.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Mathias Krause 12 years ago
parent
c085c49920
commit
84d73cd3fb
1 changed files with 1 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      net/core/rtnetlink.c

+ 1 - 0
net/core/rtnetlink.c
View File 

@@ -979,6 +979,7 @@ static int rtnl_fill_ifinfo(struct sk_buff *skb, struct net_device *dev,
 
 			 * report anything.
 
 			 */
 
 			ivi.spoofchk = -1;
 
+			memset(ivi.mac, 0, sizeof(ivi.mac));
 
 			if (dev->netdev_ops->ndo_get_vf_config(dev, i, &ivi))
 
 				break;
 
 			vf_mac.vf =