summaryrefslogtreecommitdiff
path: root/drivers/char/pcmcia
diff options
context:
space:
mode:
authorVasiliy Kulikov <segooon@gmail.com>2010-10-17 18:41:24 +0400
committerGreg Kroah-Hartman <gregkh@suse.de>2011-03-21 12:43:29 -0700
commit8e1eb27c298533705a1561d4ea4dec31e80407b2 (patch)
tree3ed3ffc0b30c6b57ad2d0074ace0fe32cfd99a7e /drivers/char/pcmcia
parent824737ff1ea5a699b7122862e2698bbf14bc601c (diff)
downloadkernel-common-8e1eb27c298533705a1561d4ea4dec31e80407b2.tar.gz
kernel-common-8e1eb27c298533705a1561d4ea4dec31e80407b2.tar.bz2
kernel-common-8e1eb27c298533705a1561d4ea4dec31e80407b2.zip
pcmcia: synclink_cs: fix information leak to userland
commit 5b917a1420d3d1a9c8da49fb0090692dc9aaee86 upstream. Structure new_line is copied to userland with some padding fields unitialized. It leads to leaking of stack memory. Signed-off-by: Vasiliy Kulikov <segooon@gmail.com> Signed-off-by: Dominik Brodowski <linux@dominikbrodowski.net> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'drivers/char/pcmcia')
-rw-r--r--drivers/char/pcmcia/synclink_cs.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/drivers/char/pcmcia/synclink_cs.c b/drivers/char/pcmcia/synclink_cs.c
index c31a0d913d37..11655032c72e 100644
--- a/drivers/char/pcmcia/synclink_cs.c
+++ b/drivers/char/pcmcia/synclink_cs.c
@@ -4144,6 +4144,8 @@ static int hdlcdev_ioctl(struct net_device *dev, struct ifreq *ifr, int cmd)
if (cmd != SIOCWANDEV)
return hdlc_ioctl(dev, ifr, cmd);
+ memset(&new_line, 0, size);
+
switch(ifr->ifr_settings.type) {
case IF_GET_IFACE: /* return current sync_serial_settings */