xfs: fix stack contents leakage in the v1 inumber ioctls (2e616d9f) · Commits · 戴 / test

Explicitly initialize the onstack structures to zero so we don't leak kernel memory into userspace when converting the in-core inumbers structure to the v1 inogrp ioctl structure. Add a comment about why we have to use memset to ensure that the padding holes in the structures are set to zero. Fixes: ("xfs: introduce v5 inode group structure") Reported-by:

Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by:

Darrick J. Wong <darrick.wong@oracle.com> Reviewed-by:

Eric Sandeen <sandeen@redhat.com>

fs/xfs/xfs_itable.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -272,6 +272,7 @@ xfs_bulkstat_to_bstat(
		struct xfs_bstat *bs1,
		const struct xfs_bulkstat *bstat)
		{
		/* memset is needed here because of padding holes in the structure. */
		memset(bs1, 0, sizeof(struct xfs_bstat));
		bs1->bs_ino = bstat->bs_ino;
		bs1->bs_mode = bstat->bs_mode;
		@@ -388,6 +389,8 @@ xfs_inumbers_to_inogrp(
		struct xfs_inogrp *ig1,
		const struct xfs_inumbers *ig)
		{
		/* memset is needed here because of padding holes in the structure. */
		memset(ig1, 0, sizeof(struct xfs_inogrp));
		ig1->xi_startino = ig->xi_startino;
		ig1->xi_alloccount = ig->xi_alloccount;
		ig1->xi_allocmask = ig->xi_allocmask;

Admin message