| Message ID | 1471802179-2886-1-git-send-email-xypron.glpk@gmx.de (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Sun, Aug 21, 2016 at 07:56:19PM +0200, Heinrich Schuchardt wrote: > The C standard does not specify the size of the integer used > to store an enum. Hence in structure drm_stats32_t alignment > bytes may exist. > > To avoid exposing bytes from the kernel stack it is > necessary to initialize variable s32 completely. > > Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Applied to drm-misc, thanks. -Daniel > --- > drivers/gpu/drm/drm_ioc32.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c > index 57676f8..32a489b 100644 > --- a/drivers/gpu/drm/drm_ioc32.c > +++ b/drivers/gpu/drm/drm_ioc32.c > @@ -346,6 +346,7 @@ static int compat_drm_getstats(struct file *file, unsigned int cmd, > struct drm_stats __user *stats; > int i, err; > > + memset(&s32, 0, sizeof(drm_stats32_t)); > stats = compat_alloc_user_space(sizeof(*stats)); > if (!stats) > return -EFAULT; > -- > 2.1.4 > > _______________________________________________ > dri-devel mailing list > dri-devel@lists.freedesktop.org > https://lists.freedesktop.org/mailman/listinfo/dri-devel
On Mon, 22 Aug 2016, Daniel Vetter <daniel@ffwll.ch> wrote: > On Sun, Aug 21, 2016 at 07:56:19PM +0200, Heinrich Schuchardt wrote: >> The C standard does not specify the size of the integer used >> to store an enum. Hence in structure drm_stats32_t alignment >> bytes may exist. >> >> To avoid exposing bytes from the kernel stack it is >> necessary to initialize variable s32 completely. >> >> Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> > > Applied to drm-misc, thanks. > -Daniel > >> --- >> drivers/gpu/drm/drm_ioc32.c | 1 + >> 1 file changed, 1 insertion(+) >> >> diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c >> index 57676f8..32a489b 100644 >> --- a/drivers/gpu/drm/drm_ioc32.c >> +++ b/drivers/gpu/drm/drm_ioc32.c >> @@ -346,6 +346,7 @@ static int compat_drm_getstats(struct file *file, unsigned int cmd, >> struct drm_stats __user *stats; >> int i, err; >> >> + memset(&s32, 0, sizeof(drm_stats32_t)); For future reference, memset(&s32, 0, sizeof(s32)); is the better approach, avoiding problems if the type of s32 ever changes. BR, Jani. >> stats = compat_alloc_user_space(sizeof(*stats)); >> if (!stats) >> return -EFAULT; >> -- >> 2.1.4 >> >> _______________________________________________ >> dri-devel mailing list >> dri-devel@lists.freedesktop.org >> https://lists.freedesktop.org/mailman/listinfo/dri-devel
diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c index 57676f8..32a489b 100644 --- a/drivers/gpu/drm/drm_ioc32.c +++ b/drivers/gpu/drm/drm_ioc32.c @@ -346,6 +346,7 @@ static int compat_drm_getstats(struct file *file, unsigned int cmd, struct drm_stats __user *stats; int i, err; + memset(&s32, 0, sizeof(drm_stats32_t)); stats = compat_alloc_user_space(sizeof(*stats)); if (!stats) return -EFAULT;
The C standard does not specify the size of the integer used to store an enum. Hence in structure drm_stats32_t alignment bytes may exist. To avoid exposing bytes from the kernel stack it is necessary to initialize variable s32 completely. Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de> --- drivers/gpu/drm/drm_ioc32.c | 1 + 1 file changed, 1 insertion(+)