summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorVasiliy Kulikov <segooon@gmail.com>2010-11-03 08:44:12 +0100
committerPatrick McHardy <kaber@trash.net>2010-11-03 08:44:12 +0100
commit1a8b7a67224eb0c9dbd883b9bfc4938278bad370 (patch)
tree31697d77831109c760001a8a78053dab0fb74ac5 /net
parentd817d29d0b37290d90b3a9e2a61162f1dbf2be4f (diff)
downloadop-kernel-dev-1a8b7a67224eb0c9dbd883b9bfc4938278bad370.zip
op-kernel-dev-1a8b7a67224eb0c9dbd883b9bfc4938278bad370.tar.gz
ipv4: netfilter: arp_tables: fix information leak to userland
Structure arpt_getinfo is copied to userland with the field "name" that has the last elements unitialized. It leads to leaking of contents of kernel stack memory. Signed-off-by: Vasiliy Kulikov <segooon@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
-rw-r--r--net/ipv4/netfilter/arp_tables.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 3cad259..3fac340 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -927,6 +927,7 @@ static int get_info(struct net *net, void __user *user,
private = &tmp;
}
#endif
+ memset(&info, 0, sizeof(info));
info.valid_hooks = t->valid_hooks;
memcpy(info.hook_entry, private->hook_entry,
sizeof(info.hook_entry));
OpenPOWER on IntegriCloud