Bluetooth: cmtp: fix information leak to userland
Structure cmtp_conninfo is copied to userland with some padding fields unitialized. It leads to leaking of contents of kernel stack memory. Signed-off-by: Vasiliy Kulikov <segooon@gmail.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
This commit is contained in:
Vasiliy Kulikov
Gustavo F. Padovan
parent
5520d20f68
commit
3185fbd9d7
1 changed files with 1 additions and 0 deletions
|
|
@ -78,6 +78,7 @@ static void __cmtp_unlink_session(struct cmtp_session *session)
|
|||
|
||||
static void __cmtp_copy_session(struct cmtp_session *session, struct cmtp_conninfo *ci)
|
||||
{
|
||||
memset(ci, 0, sizeof(*ci));
|
||||
bacpy(&ci->bdaddr, &session->bdaddr);
|
||||
|
||||
ci->flags = session->flags;
|
||||
|
|
|
|||
Loading…
Reference in a new issue