Searched hist:c6bf514c (Results 1 – 1 of 1) sorted by relevance
| /openbmc/linux/net/bluetooth/ |
| H A D | hci_core.c | c6bf514c Sun Nov 30 05:17:19 CST 2008 Vegard Nossum <vegard.nossum@gmail.com> Bluetooth: Fix leak of uninitialized data to userspace
struct hci_dev_list_req {
__u16 dev_num;
struct hci_dev_req dev_req[0]; /* hci_dev_req structures */
};
sizeof(struct hci_dev_list_req) == 4, so the two bytes immediately
following "dev_num" will never be initialized. When this structure
is copied to userspace, these uninitialized bytes are leaked.
Fix by using kzalloc() instead of kmalloc(). Found using kmemcheck.
Signed-off-by: Vegard Nossum <vegard.nossum@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
c6bf514c Sun Nov 30 05:17:19 CST 2008 Vegard Nossum <vegard.nossum@gmail.com> Bluetooth: Fix leak of uninitialized data to userspace
struct hci_dev_list_req {
__u16 dev_num;
struct hci_dev_req dev_req[0]; /* hci_dev_req structures */
};
sizeof(struct hci_dev_list_req) == 4, so the two bytes immediately
following "dev_num" will never be initialized. When this structure
is copied to userspace, these uninitialized bytes are leaked.
Fix by using kzalloc() instead of kmalloc(). Found using kmemcheck.
Signed-off-by: Vegard Nossum <vegard.nossum@gmail.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
|