FreeBSD Security Advisory FreeBSD-SA-05:04.ifconf

kame · Apr 20, 2005 · 969a704 · 969a704
1 parent fe986f0
commit 969a704
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,7 +1,11 @@
 			CHANGELOG for KAME kit
-$KAME: CHANGELOG,v 1.2753 2005/04/19 06:55:22 suz Exp $
+$KAME: CHANGELOG,v 1.2754 2005/04/20 01:28:25 suz Exp $
 
 <200504>
+2005-04-20  SUZUKI, Shinsuke <suz@kame.net>
+	* freebsd5/sys/net/if.c: FreeBSD Security Advisory
+	 FreeBSD-SA-05:04.ifconf
+
 2005-04-19  SUZUKI, Shinsuke <suz@kame.net>
 	* *bsd/sys/netinet/igmp.c, igmp_var.h, in.[ch], ip_output.c,
 	  kame/sys/netient/in_msf.c: 

diff --git a/freebsd5/sys/net/if.c b/freebsd5/sys/net/if.c
@@ -1530,6 +1530,12 @@ ifconf(u_long cmd, caddr_t data)
 	TAILQ_FOREACH(ifp, &ifnet, if_link) {
 		int addrs;
 
+		/*
+		 * Zero the ifr_name buffer to make sure we don't
+		 * disclose the contents of the stack.
+		 */
+		memset(ifr.ifr_name, 0, sizeof(ifr.ifr_name));
+
 		if (strlcpy(ifr.ifr_name, ifp->if_xname, sizeof(ifr.ifr_name))
 		    >= sizeof(ifr.ifr_name))
 			return (ENAMETOOLONG);