Skip to content

Commit

Permalink
ipvs: fix info leak in getsockopt(IP_VS_SO_GET_TIMEOUT)
Browse files Browse the repository at this point in the history 
If at least one of CONFIG_IP_VS_PROTO_TCP or CONFIG_IP_VS_PROTO_UDP is
not set, __ip_vs_get_timeouts() does not fully initialize the structure
that gets copied to userland and that for leaks up to 12 bytes of kernel
stack. Add an explicit memset(0) before passing the structure to
__ip_vs_get_timeouts() to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Wensong Zhang <wensong@linux-vs.org>
Cc: Simon Horman <horms@verge.net.au>
Cc: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Mathias Krause authored and David S. Miller committed Aug 16, 2012
1 parent 7b07f8e commit 2d8a041
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions net/netfilter/ipvs/ip_vs_ctl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2759,6 +2759,7 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
{
struct ip_vs_timeout_user t;

memset(&t, 0, sizeof(t));
__ip_vs_get_timeouts(net, &t);
if (copy_to_user(user, &t, sizeof(t)) != 0)
ret = -EFAULT;
Expand Down

0 comments on commit 2d8a041

Please sign in to comment.