Re: [PATCH RESEND] cifs: use memzero_explicit to clear stack buffer

Herbert Xu Tue, 06 Jan 2015 15:00:00 -0800

On Tue, Jan 06, 2015 at 10:37:00PM +0100, Giel van Schijndel wrote:
> When leaving a function use memzero_explicit instead of memset(0) to
> clear stack allocated buffers. memset(0) may be optimized away.
> 
> This particular buffer is highly likely to contain sensitive data which
> we shouldn't leak (it's named 'passwd' after all).
> 
> Signed-off-by: Giel van Schijndel <m...@mortis.eu>
> Reported-at: http://www.viva64.com/en/b/0299/
> Reported-by: Andrey Karpov
> Reported-by: Svyatoslav Razmyslov


Acked-by: Herbert Xu <herb...@gondor.apana.org.au>

Thanks,
-- 
Email: Herbert Xu <herb...@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Re: [PATCH RESEND] cifs: use memzero_explicit to clear stack buffer

Reply via email to