[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 2 Feb 2021 22:05:39 +0300
From: Dan Carpenter <dan.carpenter@...cle.com>
To: Pavel Machek <pavel@....cz>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org, stable@...r.kernel.org,
Marc Kleine-Budde <mkl@...gutronix.de>,
Sasha Levin <sashal@...nel.org>
Subject: Re: [PATCH 4.4 24/28] can: dev: prevent potential information leak
in can_fill_info()
On Tue, Feb 02, 2021 at 07:53:17PM +0100, Pavel Machek wrote:
> Hi!
>
> > From: Dan Carpenter <dan.carpenter@...cle.com>
> >
> > [ Upstream commit b552766c872f5b0d90323b24e4c9e8fa67486dd5 ]
> >
> > The "bec" struct isn't necessarily always initialized. For example, the
> > mcp251xfd_get_berr_counter() function doesn't initialize anything if the
> > interface is down.
>
> Well, yes... and = {} does not neccessarily initialize all of the
> structure... for example padding.
>
> It is really simple
>
> struct can_berr_counter {
> __u16 txerr;
> __u16 rxerr;
> };
>
> but maybe something like alpha uses padding in such case, and memset
> would be better?
I'm pretty sure nothing uses padding in this situation. If it does then
we need to re-work a bunch of code.
regards,
dan carpenter
Powered by blists - more mailing lists