Commit 7ab5118d authored by Vasiliy Kulikov's avatar Vasiliy Kulikov Committed by Jens Axboe
Browse files

block: cciss: fix information leak to userland 



Structure IOCTL_Command_struct is copied to userland with
some padding fields at the end of the struct unitialized.
It leads to leaking of contents of kernel stack memory.

Signed-off-by: default avatarVasiliy Kulikov <segooon@gmail.com>
Signed-off-by: default avatarJens Axboe <jaxboe@fusionio.com>
parent 027b180d

drivers/block/cciss.c

+1 −0
Original line number Diff line number Diff line
@@ -1184,6 +1184,7 @@ static int cciss_ioctl32_big_passthru(struct block_device *bdev, fmode_t mode, 
	int err;

	u32 cp;



	memset(&arg64, 0, sizeof(arg64));

	err = 0;

	err |=

	    copy_from_user(&arg64.LUN_info, &arg32->LUN_info,

CRA Git | Maintained and supported by SUSTech CRA and CCSE