]> git.baikalelectronics.ru Git - kernel.git/commit
Bluetooth: L2CAP - Fix info leak via getsockname()
authorMathias Krause <minipli@googlemail.com>
Wed, 15 Aug 2012 11:31:51 +0000 (11:31 +0000)
committerDavid S. Miller <davem@davemloft.net>
Thu, 16 Aug 2012 04:36:31 +0000 (21:36 -0700)
commita4699c85c4683b86177664e8ec805bc7eeae791e
treef337e39a3194c1de2330e3d0acc0b76e91a8593d
parentccf6ad88c53c95d09cb0d92fd939f9d363044ba3
Bluetooth: L2CAP - Fix info leak via getsockname()

The L2CAP code fails to initialize the l2_bdaddr_type member of struct
sockaddr_l2 and the padding byte added for alignment. It that for leaks
two bytes kernel stack via the getsockname() syscall. Add an explicit
memset(0) before filling the structure to avoid the info leak.

Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Marcel Holtmann <marcel@holtmann.org>
Cc: Gustavo Padovan <gustavo@padovan.org>
Cc: Johan Hedberg <johan.hedberg@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/bluetooth/l2cap_sock.c