ip: zero sockaddr returned on error queue - kernel/linux.git

diff options

author	Willem de Bruijn <willemb@google.com>	2015-01-15 21:18:40 +0300
committer	Ben Hutchings <ben@decadent.org.uk>	2015-05-10 01:16:36 +0300
commit	11235a669e34cf610cf315d8e8d3a37d1d9d9611 (patch)
tree	a4bb6345eef02ad206adb7dbf6646de62f32ca9e /net/ipv6/anycast.c
parent	26e0023ac5718f42e14ad41f747d3f4956c80ef5 (diff)
download	linux-11235a669e34cf610cf315d8e8d3a37d1d9d9611.tar.xz

ip: zero sockaddr returned on error queue

[ Upstream commit f812116b174e59a350acc8e4856213a166a91222 ] The sockaddr is returned in IP(V6)_RECVERR as part of errhdr. That structure is defined and allocated on the stack as struct { struct sock_extended_err ee; struct sockaddr_in(6) offender; } errhdr; The second part is only initialized for certain SO_EE_ORIGIN values. Always initialize it completely. An MTU exceeded error on a SOCK_RAW/IPPROTO_RAW is one example that would return uninitialized bytes. Signed-off-by: Willem de Bruijn <willemb@google.com> ---- Also verified that there is no padding between errhdr.ee and errhdr.offender that could leak additional kernel data. Acked-by: Eric Dumazet <edumazet@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> [bwh: Backported to 3.2: adjust context] Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

Diffstat (limited to 'net/ipv6/anycast.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: