Skip to content

Commit

Permalink
unix_diag: fix info leak
Browse files Browse the repository at this point in the history 
When filling the netlink message we miss to wipe the pad field,
therefore leak one byte of heap memory to userland. Fix this by
setting pad to 0.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Mathias Krause authored and David S. Miller committed Oct 2, 2013
1 parent d022af2 commit 6865d1e
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions net/unix/diag.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -124,6 +124,7 @@ static int sk_diag_fill(struct sock *sk, struct sk_buff *skb, struct unix_diag_r
rep->udiag_family = AF_UNIX;
rep->udiag_type = sk->sk_type;
rep->udiag_state = sk->sk_state;
rep->pad = 0;
rep->udiag_ino = sk_ino;
sock_diag_save_cookie(sk, rep->udiag_cookie);

Expand Down

0 comments on commit 6865d1e

Please sign in to comment.