net: amend the fix for SO_BSDCOMPAT gsopt infoleak

The fix for CVE-2009-0676 (upstream commit df0bca04) is incomplete. Note that the same problem of leaking kernel memory will reappear if someone on some architecture uses struct timeval with some internal padding (for example tv_sec 64-bit and tv_usec 32-bit) --- then, you are going to leak the padded bytes to userspace. Signed-off-by: Eugene Teo <eugeneteo@kernel.sg> Reported-by: Mikulas Patocka <mpatocka@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>

net: amend the fix for SO_BSDCOMPAT gsopt infoleak
The fix for CVE-2009-0676 (upstream commit df0bca04) is incomplete. Note that the same problem of leaking kernel memory will reappear if someone on some architecture uses struct timeval with some internal padding (for example tv_sec 64-bit and tv_usec 32-bit) --- then, you are going to leak the padded bytes to userspace. Signed-off-by: Eugene Teo <eugeneteo@kernel.sg> Reported-by: Mikulas Patocka <mpatocka@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net>
50fee1de · Eugene Teo · David S. Miller · ebe47d47 · 50fee1de
Commit 50fee1de authored Feb 23, 2009 by Eugene Teo Committed by David S. Miller Feb 23, 2009
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

net/core/sock.c net/core/sock.c +1 -1

No files found.
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -696,7 +696,7 @@ int sock_getsockopt(struct socket *sock, int level, int optname,
 	if (len < 0)
 		return -EINVAL;

-	v.val = 0;
+	memset(&v, 0, sizeof(v));

 	switch(optname) {
 	case SO_DEBUG: