| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20151028182953.GA11738@mx.elandsys.com>
Date: Wed, 28 Oct 2015 11:29:53 -0700
From: Loganaden Velvindron <logan@...ndsys.com>
To: netdev@...r.kernel.org
Subject: [PATCH 1/1 net-next] net: bridge: use vzalloc() instead of vmalloc()
for counterstmp
counterstmp is not cleared before it is used in get_counters(). it might be
leaked partially when it is sent to userland later on.
Signed-off-by: Loganaden Velvindron <logan@...ndsys.com>
---
net/bridge/netfilter/ebtables.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index f46ca41..26922e9 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -989,7 +989,7 @@ static int do_replace_finish(struct net *net, struct ebt_replace *repl,
the check on the size is done later, when we have the lock */
if (repl->num_counters) {
unsigned long size = repl->num_counters * sizeof(*counterstmp);
- counterstmp = vmalloc(size);
+ counterstmp = vzalloc(size);
if (!counterstmp)
return -ENOMEM;
}
@@ -1410,7 +1410,7 @@ static int copy_counters_to_user(struct ebt_table *t,
return -EINVAL;
}
- counterstmp = vmalloc(nentries * sizeof(*counterstmp));
+ counterstmp = vzalloc(nentries * sizeof(*counterstmp));
if (!counterstmp)
return -ENOMEM;
--
2.6.1
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists