diff options
| author | Vasiliy Kulikov <segooon@gmail.com> | 2010-11-03 08:45:06 +0100 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2010-11-03 08:45:06 +0100 |
| commit | b5f15ac4f89f84853544c934fc7a744289e95e34 (patch) | |
| tree | 35f89a706003f9e9343bd63fc5d560cf33a579a7 | |
| parent | 1a8b7a67224eb0c9dbd883b9bfc4938278bad370 (diff) | |
ipv4: netfilter: ip_tables: fix information leak to userland
Structure ipt_getinfo is copied to userland with the field "name"
that has the last elements unitialized. It leads to leaking of
contents of kernel stack memory.
Signed-off-by: Vasiliy Kulikov <segooon@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
| -rw-r--r-- | net/ipv4/netfilter/ip_tables.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index d31b007a6d80..a846d633b3b6 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c @@ -1124,6 +1124,7 @@ static int get_info(struct net *net, void __user *user, private = &tmp; } #endif + memset(&info, 0, sizeof(info)); info.valid_hooks = t->valid_hooks; memcpy(info.hook_entry, private->hook_entry, sizeof(info.hook_entry)); |