diff options
author | Mathias Krause <minipli@googlemail.com> | 2013-04-07 01:51:56 +0000 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2013-05-01 08:56:39 -0700 |
commit | af9659917d0547ebb4233635d2dc496d29fd5d7c (patch) | |
tree | ebfb736c49b0455d71eb7228c2fa51e5defdc0ed /fs/ntfs/collate.c | |
parent | cbafa8a778286c4bd59bd0b9c028b416e0e6ac29 (diff) | |
download | kernel_samsung_smdk4412-af9659917d0547ebb4233635d2dc496d29fd5d7c.zip kernel_samsung_smdk4412-af9659917d0547ebb4233635d2dc496d29fd5d7c.tar.gz kernel_samsung_smdk4412-af9659917d0547ebb4233635d2dc496d29fd5d7c.tar.bz2 |
llc: Fix missing msg_namelen update in llc_ui_recvmsg()
[ Upstream commit c77a4b9cffb6215a15196ec499490d116dfad181 ]
For stream sockets the code misses to update the msg_namelen member
to 0 and therefore makes net/socket.c leak the local, uninitialized
sockaddr_storage variable to userland -- 128 bytes of kernel stack
memory. The msg_namelen update is also missing for datagram sockets
in case the socket is shutting down during receive.
Fix both issues by setting msg_namelen to 0 early. It will be
updated later if we're going to fill the msg_name member.
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs/ntfs/collate.c')
0 files changed, 0 insertions, 0 deletions