unimore/kernel-hacking-2024-linux-steffo
unimore/kernel-hacking-2024-linux-steffo
1
Fork 0
Code Pull requests 5 Wiki Activity
kernel-hacking-2024-linux-s.../net/irda
History
Mathias Krause 5ae94c0d2f irda: Fix missing msg_namelen update in irda_recvmsg_dgram() 
The current code does not fill the msg_name member in case it is set.
It also does not set the msg_namelen member to 0 and therefore makes
net/socket.c leak the local, uninitialized sockaddr_storage variable
to userland -- 128 bytes of kernel stack memory.

Fix that by simply setting msg_namelen to 0 as obviously nobody cared
about irda_recvmsg_dgram() not filling the msg_name in case it was
set.

Cc: Samuel Ortiz <samuel@sortiz.org>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-04-07 16:28:01 -04:00
..
ircomm net/irda: Raise dtr in non-blocking open 2013-03-06 02:47:05 -05:00
irlan irda: Fix typo in irda 2012-07-16 23:23:52 -07:00
irnet irda: buffer overflow in irnet_ctrl_read() 2013-01-27 20:38:19 -05:00
af_irda.c irda: Fix missing msg_namelen update in irda_recvmsg_dgram() 2013-04-07 16:28:01 -04:00
discovery.c
irda_device.c
iriap.c irda: small read beyond end of array in debug code 2013-02-27 13:10:35 -05:00
iriap_event.c
irias_object.c
irlap.c
irlap_event.c
irlap_frame.c
irlmp.c
irlmp_event.c
irlmp_frame.c
irmod.c
irnetlink.c netlink: Rename pid to portid to avoid confusion 2012-09-10 15:30:41 -04:00
irproc.c
irqueue.c
irsysctl.c
irttp.c irda: irttp: fix memory leak in irttp_open_tsap() error path 2012-11-28 11:25:29 -05:00
Kconfig
Makefile
parameters.c
qos.c
timer.c treewide: Replace incomming with incoming in all comments and strings 2013-01-03 16:15:49 +01:00
wrapper.c