mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-15 09:34:17 +00:00
drivers/video/via/ioctl.c: prevent reading uninitialized stack memory
The VIAFB_GET_INFO device ioctl allows unprivileged users to read 246 bytes of uninitialized stack memory, because the "reserved" member of the viafb_ioctl_info struct declared on the stack is not altered or zeroed before being copied back to the user. This patch takes care of it. Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com> Signed-off-by: Florian Tobias Schandinat <FlorianSchandinat@gmx.de>
This commit is contained in:
parent
f27098379b
commit
b4aaa78f4c
@ -25,6 +25,8 @@ int viafb_ioctl_get_viafb_info(u_long arg)
|
|||||||
{
|
{
|
||||||
struct viafb_ioctl_info viainfo;
|
struct viafb_ioctl_info viainfo;
|
||||||
|
|
||||||
|
memset(&viainfo, 0, sizeof(struct viafb_ioctl_info));
|
||||||
|
|
||||||
viainfo.viafb_id = VIAID;
|
viainfo.viafb_id = VIAID;
|
||||||
viainfo.vendor_id = PCI_VIA_VENDOR_ID;
|
viainfo.vendor_id = PCI_VIA_VENDOR_ID;
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user