From: Kangjie Lu <kjlu@umn.edu>
Date: Fri, 18 Oct 2019 04:29:53 +0000 (-0500)
Subject: gma/gma500: fix a memory disclosure bug due to uninitialized bytes
X-Git-Tag: v5.10.7~2352^2~6^2~1017
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=57a25a5f754ce27da2cfa6f413cfd366f878db76;p=platform%2Fkernel%2Flinux-rpi.git

gma/gma500: fix a memory disclosure bug due to uninitialized bytes

`best_clock` is an object that may be sent out. Object `clock`
contains uninitialized bytes that are copied to `best_clock`,
which leads to memory disclosure and information leak.

Signed-off-by: Kangjie Lu <kjlu@umn.edu>
Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Link: https://patchwork.freedesktop.org/patch/msgid/20191018042953.31099-1-kjlu@umn.edu
---

diff --git a/drivers/gpu/drm/gma500/cdv_intel_display.c b/drivers/gpu/drm/gma500/cdv_intel_display.c
index f56852a..8b78494 100644
--- a/drivers/gpu/drm/gma500/cdv_intel_display.c
+++ b/drivers/gpu/drm/gma500/cdv_intel_display.c
@@ -405,6 +405,8 @@ static bool cdv_intel_find_dp_pll(const struct gma_limit_t *limit,
 	struct gma_crtc *gma_crtc = to_gma_crtc(crtc);
 	struct gma_clock_t clock;
 
+	memset(&clock, 0, sizeof(clock));
+
 	switch (refclk) {
 	case 27000:
 		if (target < 200000) {