summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorJohannes Berg <johannes.berg@intel.com>2010-09-17 02:38:25 +0400
committerJohn W. Linville <linville@tuxdriver.com>2010-09-20 21:41:40 +0400
commitdf6d02300f7c2fbd0fbe626d819c8e5237d72c62 (patch)
tree7f0eadba6ca9d0cc19b26dc82ec61bc8df4c9fe2 /security
parent7acc7c683a747689aaaaad4fce1683fc3f85e552 (diff)
downloadlinux-df6d02300f7c2fbd0fbe626d819c8e5237d72c62.tar.xz
wext: fix potential private ioctl memory content leak
When a driver doesn't fill the entire buffer, old heap contents may remain, and if it also doesn't update the length properly, this old heap content will be copied back to userspace. It is very unlikely that this happens in any of the drivers using private ioctls since it would show up as junk being reported by iwpriv, but it seems better to be safe here, so use kzalloc. Reported-by: Jeff Mahoney <jeffm@suse.com> Cc: stable@kernel.org Signed-off-by: Johannes Berg <johannes.berg@intel.com> Signed-off-by: John W. Linville <linville@tuxdriver.com>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions