HID: core: zero-initialize the report buffer

[ Upstream commit 177f25d1292c7e16e1199b39c85480f7f8815552 ] Since the report buffer is used by all kinds of drivers in various ways, let's zero-initialize it during allocation to make sure that it can't be ever used to leak kernel memory via specially-crafted report. Fixes: 27ce405039bf ("HID: fix data access in implement()") Reported-by: Benoît Sevens <bsevens@google.com> Acked-by: Benjamin Tissoires <bentiss@kernel.org> Signed-off-by: Jiri Kosina <jkosina@suse.com> Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Jiri Kosina <jkosina@suse.com> 2024-10-29 17:44:35 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2024-11-14 15:20:57 +0300
commit: 492015e6249fbcd42138b49de3c588d826dd9648 (patch)
tree: 42646d48cedd49af65cf64cf9dbb25a479d12fc0 /drivers/hid
parent: 905144a778c610edbd0bb64a8a47b97b945dc43d (diff)
download: linux-492015e6249fbcd42138b49de3c588d826dd9648.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c
index 988d0acbdf04..3fcf098f4f56 100644
--- a/drivers/hid/hid-core.c
+++ b/drivers/hid/hid-core.c
@@ -1875,7 +1875,7 @@ u8 *hid_alloc_report_buf(struct hid_report *report, gfp_t flags)
 
 	u32 len = hid_report_len(report) + 7;
 
-	return kmalloc(len, flags);
+	return kzalloc(len, flags);
 }
 EXPORT_SYMBOL_GPL(hid_alloc_report_buf);
author	Jiri Kosina <jkosina@suse.com>	2024-10-29 17:44:35 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2024-11-14 15:20:57 +0300
commit	492015e6249fbcd42138b49de3c588d826dd9648 (patch)
tree	42646d48cedd49af65cf64cf9dbb25a479d12fc0 /drivers/hid
parent	905144a778c610edbd0bb64a8a47b97b945dc43d (diff)
download	linux-492015e6249fbcd42138b49de3c588d826dd9648.tar.xz