Skip to content

Commit 2d8a041

Browse files
miniplidavem330
authored andcommitted
ipvs: fix info leak in getsockopt(IP_VS_SO_GET_TIMEOUT)
If at least one of CONFIG_IP_VS_PROTO_TCP or CONFIG_IP_VS_PROTO_UDP is not set, __ip_vs_get_timeouts() does not fully initialize the structure that gets copied to userland and that for leaks up to 12 bytes of kernel stack. Add an explicit memset(0) before passing the structure to __ip_vs_get_timeouts() to avoid the info leak. Signed-off-by: Mathias Krause <minipli@googlemail.com> Cc: Wensong Zhang <wensong@linux-vs.org> Cc: Simon Horman <horms@verge.net.au> Cc: Julian Anastasov <ja@ssi.bg> Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent 7b07f8e commit 2d8a041

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

Diff for: net/netfilter/ipvs/ip_vs_ctl.c

+1
Original file line numberDiff line numberDiff line change
@@ -2759,6 +2759,7 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
27592759
{
27602760
struct ip_vs_timeout_user t;
27612761

2762+
memset(&t, 0, sizeof(t));
27622763
__ip_vs_get_timeouts(net, &t);
27632764
if (copy_to_user(user, &t, sizeof(t)) != 0)
27642765
ret = -EFAULT;

0 commit comments

Comments
 (0)