af_key: Fix heap information leak
author Hyunwoo Kim <v4bel@theori.io>
Thu, 9 Feb 2023 09:16:48 +0000 (01:16 -0800)
committer David S. Miller <davem@davemloft.net>
Mon, 13 Feb 2023 09:30:14 +0000 (09:30 +0000)
Since x->encap of pfkey_msg2xfrm_state() is not
initialized to 0, kernel heap data can be leaked.

Fix with kzalloc() to prevent this.

Signed-off-by: Hyunwoo Kim <v4bel@theori.io>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/key/af_key.c

index 2bdbcec..a815f5a 100644 (file)
@@ -1261,7 +1261,7 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct net *net,
                const struct sadb_x_nat_t_type* n_type;
                struct xfrm_encap_tmpl *natt;
 
-               x->encap = kmalloc(sizeof(*x->encap), GFP_KERNEL);
+               x->encap = kzalloc(sizeof(*x->encap), GFP_KERNEL);
                if (!x->encap) {
                        err = -ENOMEM;
                        goto out;
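Review bot: the commit message should say which members of *x->encap can stay unwritten after the allocation at "x->encap = kzalloc(sizeof(*x->encap), GFP_KERNEL);" and carry a Fixes: tag, since neither is visible here and stable maintainers need both to judge how far back the leak reaches. The switch to kzalloc() itself looks right: it zeroes the whole object, including any padding, so later code that only assigns some fields through natt can no longer expose stale heap bytes. The existing !x->encap check with err = -ENOMEM is unchanged and still covers the allocation failure path.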