crypto: algif - suppress sending source address information in recvmsg
The current code does not set the msg_namelen member to 0 and therefore makes net/socket.c leak the local sockaddr_storage variable to userland -- 128 bytes of kernel stack memory. Fix that. Cc: <stable@vger.kernel.org> # 2.6.38 Signed-off-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
d47cbd5bce
commit
72a763d805
|
@ -161,6 +161,8 @@ static int hash_recvmsg(struct kiocb *unused, struct socket *sock,
|
|||
else if (len < ds)
|
||||
msg->msg_flags |= MSG_TRUNC;
|
||||
|
||||
msg->msg_namelen = 0;
|
||||
|
||||
lock_sock(sk);
|
||||
if (ctx->more) {
|
||||
ctx->more = 0;
|
||||
|
|
|
@ -432,6 +432,7 @@ static int skcipher_recvmsg(struct kiocb *unused, struct socket *sock,
|
|||
long copied = 0;
|
||||
|
||||
lock_sock(sk);
|
||||
msg->msg_namelen = 0;
|
||||
for (iov = msg->msg_iov, iovlen = msg->msg_iovlen; iovlen > 0;
|
||||
iovlen--, iov++) {
|
||||
unsigned long seglen = iov->iov_len;
|
||||
|
|
Loading…
Reference in New Issue