batman-adv: Avoid probe ELP information leak
authorSven Eckelmann <sven@narfation.org>
Tue, 17 Mar 2020 20:15:39 +0000 (21:15 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 20 Mar 2020 08:07:56 +0000 (09:07 +0100)
commit34673c28f43dc6603039bbffc67443014b2123a1
tree72280e6c8d78c10bdbbe216cbfcac6a72ccbaf89
parent3c6ed319b82ff75f96c262477eae7f5d4fc65823
batman-adv: Avoid probe ELP information leak

commit 88d0895d0ea9d4431507d576c963f2ff9918144d upstream.

The probe ELPs for WiFi interfaces are expanded to contain at least
BATADV_ELP_MIN_PROBE_SIZE bytes. This is usually a lot more than the
number of bytes which the template ELP packet requires.

These extra padding bytes were not initialized and thus could contain data
which were previously stored at the same location. It is therefore required
to set it to some predefined or random values to avoid leaking private
information from the system transmitting these kind of packets.

Fixes: e4623c913508 ("batman-adv: Avoid probe ELP information leak")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Acked-by: Antonio Quartulli <a@unstable.cc>
Signed-off-by: Simon Wunderlich <sw@simonwunderlich.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/batman-adv/bat_v_elp.c