From d14df339c72b6efbba4eddd1d1f3f4b173273f74 Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Wed, 16 Oct 2013 11:44:25 +0300 Subject: [PATCH] ALSA: hdsp - info leak in snd_hdsp_hwdep_ioctl() In GCC the sizeof(hdsp_version) is 8 because there is a 2 byte hole at the end of the struct after ->firmware_rev. Signed-off-by: Dan Carpenter Signed-off-by: Takashi Iwai --- sound/pci/rme9652/hdsp.c | 1 + 1 file changed, 1 insertion(+) diff --git a/sound/pci/rme9652/hdsp.c b/sound/pci/rme9652/hdsp.c index 4f255df..f59a321 100644 --- a/sound/pci/rme9652/hdsp.c +++ b/sound/pci/rme9652/hdsp.c @@ -4845,6 +4845,7 @@ static int snd_hdsp_hwdep_ioctl(struct snd_hwdep *hw, struct file *file, unsigne if ((err = hdsp_get_iobox_version(hdsp)) < 0) return err; } + memset(&hdsp_version, 0, sizeof(hdsp_version)); hdsp_version.io_type = hdsp->io_type; hdsp_version.firmware_rev = hdsp->firmware_rev; if ((err = copy_to_user(argp, &hdsp_version, sizeof(hdsp_version)))) -- 2.7.4