Author: glebius
Date: Tue May 31 16:56:30 2016
New Revision: 301053
URL: https://svnweb.freebsd.org/changeset/base/301053
Log:
Fix kernel stack disclosures in the Linux and 4.3BSD compat layers.
Submitted by: CTurt
Security: SA-16:20
Security: SA-16:21
Modified:
head/sys/compat/linux/linux_ioctl.c
head/sys/compat/linux/linux_misc.c
head/sys/kern/vfs_syscalls.c
Modified: head/sys/compat/linux/linux_ioctl.c
==============================================================================
--- head/sys/compat/linux/linux_ioctl.c Tue May 31 16:55:50 2016
(r301052)
+++ head/sys/compat/linux/linux_ioctl.c Tue May 31 16:56:30 2016
(r301053)
@@ -916,6 +916,8 @@ linux_ioctl_termio(struct thread *td, st
case LINUX_TIOCGSERIAL: {
struct linux_serial_struct lss;
+
+ bzero(&lss, sizeof(lss));
lss.type = LINUX_PORT_16550A;
lss.flags = 0;
lss.close_delay = 0;
Modified: head/sys/compat/linux/linux_misc.c
==============================================================================
--- head/sys/compat/linux/linux_misc.c Tue May 31 16:55:50 2016
(r301052)
+++ head/sys/compat/linux/linux_misc.c Tue May 31 16:56:30 2016
(r301053)
@@ -149,6 +149,7 @@ linux_sysinfo(struct thread *td, struct
int i, j;
struct timespec ts;
+ bzero(&sysinfo, sizeof(sysinfo));
getnanouptime(&ts);
if (ts.tv_nsec != 0)
ts.tv_sec++;
Modified: head/sys/kern/vfs_syscalls.c
==============================================================================
--- head/sys/kern/vfs_syscalls.c Tue May 31 16:55:50 2016
(r301052)
+++ head/sys/kern/vfs_syscalls.c Tue May 31 16:56:30 2016
(r301053)
@@ -2068,6 +2068,7 @@ cvtstat(st, ost)
struct ostat *ost;
{
+ bzero(ost, sizeof(*ost));
ost->st_dev = st->st_dev;
ost->st_ino = st->st_ino;
ost->st_mode = st->st_mode;
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
