Skip to content

Commit

Permalink
net: amend the fix for SO_BSDCOMPAT gsopt infoleak
Browse files Browse the repository at this point in the history 
The fix for CVE-2009-0676 (upstream commit df0bca0) is incomplete. Note
that the same problem of leaking kernel memory will reappear if someone
on some architecture uses struct timeval with some internal padding (for
example tv_sec 64-bit and tv_usec 32-bit) --- then, you are going to
leak the padded bytes to userspace.

Signed-off-by: Eugene Teo <eugeneteo@kernel.sg>
Reported-by: Mikulas Patocka <mpatocka@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Eugene Teo authored and David S. Miller committed Feb 23, 2009
1 parent ebe47d4 commit 50fee1d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion net/core/sock.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -696,7 +696,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname,
if (len < 0)
return -EINVAL;

v.val = 0;
memset(&v, 0, sizeof(v));

switch(optname) {
case SO_DEBUG:
Expand Down

0 comments on commit 50fee1d

Please sign in to comment.