net: amend the fix for SO_BSDCOMPAT gsopt infoleak

(backported from 2.6 commit 50fee1dec5d71b8a14c1b82f2f42e16adc227f8b) [WT: previous patch was not merged into 2.4 because the issue was not present there. This second point still applies though - /WT] The fix for CVE-2009-0676 (upstream commit df0bca04) is incomplete. Note that the same problem of leaking kernel memory will reappear if someone on some architecture uses struct timeval with some internal padding (for example tv_sec 64-bit and tv_usec 32-bit) --- then, you are going to leak the padded bytes to userspace. Signed-off-by: Eugene Teo <eugeneteo@kernel.sg> Reported-by: Mikulas Patocka <mpatocka@redhat.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Willy Tarreau <w@1wt.eu>
author: Eugene Teo <eugeneteo@kernel.sg> 2009-02-23 15:38:41 -0800
committer: Willy Tarreau <w@1wt.eu> 2009-06-07 21:36:51 +0200
commit: 7b8db1bf60fd78c2f6b1fc0754ed73836ae23f2f (patch)
tree: 5d059070dfdf398527bab8fdae195e447e6edfa3
parent: ab66e48b6ce77d564b6bb71d4e393264a98f186c (diff)
download: linux-2.4-7b8db1bf60fd78c2f6b1fc0754ed73836ae23f2f.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/net/core/sock.c b/net/core/sock.c
index 414ff3bc32d97d..c266cc3ee34a26 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -442,7 +442,9 @@ int sock_getsockopt(struct socket *sock, int level, int optname,
   		return -EFAULT;
 	if(len < 0)
 		return -EINVAL;
-		
+
+	memset(&v, 0, sizeof(v));
+
   	switch(optname) 
   	{
 		case SO_DEBUG:
author	Eugene Teo <eugeneteo@kernel.sg>	2009-02-23 15:38:41 -0800
committer	Willy Tarreau <w@1wt.eu>	2009-06-07 21:36:51 +0200
commit	7b8db1bf60fd78c2f6b1fc0754ed73836ae23f2f (patch)
tree	5d059070dfdf398527bab8fdae195e447e6edfa3
parent	ab66e48b6ce77d564b6bb71d4e393264a98f186c (diff)
download	linux-2.4-7b8db1bf60fd78c2f6b1fc0754ed73836ae23f2f.tar.gz