Skip to content

Commit

Permalink
Merge tag 'firewire-fix' of git://git.kernel.org/pub/scm/linux/kernel…
Browse files Browse the repository at this point in the history 
…/git/ieee1394/linux1394

Pull firewire fix from Stefan Richter:
 "IEEE 1394 (FireWire) subsystem fix: The character device file
  interface for raw 1394 I/O took uninitialized kernel stack as
  substitute for missing ioctl() argument data.  This could partially
  show up in subsequent read() output"

* tag 'firewire-fix' of git://git.kernel.org/pub/scm/linux/kernel/git/ieee1394/linux1394:
  firewire: cdev: prevent kernel stack leaking into ioctl arguments
  • Loading branch information
@torvalds
torvalds committed Nov 14, 2014
2 parents 3865efc + eaca2d8 commit f720d7d
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions drivers/firewire/core-cdev.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1637,8 +1637,7 @@ static int dispatch_ioctl(struct client *client,
_IOC_SIZE(cmd) > sizeof(buffer))
return -ENOTTY;

if (_IOC_DIR(cmd) == _IOC_READ)
memset(&buffer, 0, _IOC_SIZE(cmd));
memset(&buffer, 0, sizeof(buffer));

if (_IOC_DIR(cmd) & _IOC_WRITE)
if (copy_from_user(&buffer, arg, _IOC_SIZE(cmd)))
Expand Down

0 comments on commit f720d7d

Please sign in to comment.