d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Correct a kernel stack leak in 32-bit compat when vfc_name is short.

Browse Source 
Don't zero unused pointer members again.

Per discussion with secteam we are not issuing an advisory for this
issue as we have no current evidence it leaks exploitable information.

Reviewed by:	rwatson, glebius, delphij
MFC after:	1 day
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D10227
This commit is contained in:
brooks 2017-04-04 17:32:08 +00:00
parent 270f6a4b8c
commit 2d2b5c6861
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sys/kern/vfs_subr.c
View File

@ -3781,12 +3781,11 @@ vfsconf2x32(struct sysctl_req *req, struct vfsconf *vfsp)
{
struct xvfsconf32 xvfsp;
bzero(&xvfsp, sizeof(xvfsp));
strcpy(xvfsp.vfc_name, vfsp->vfc_name);
xvfsp.vfc_typenum = vfsp->vfc_typenum;
xvfsp.vfc_refcount = vfsp->vfc_refcount;
xvfsp.vfc_flags = vfsp->vfc_flags;
xvfsp.vfc_vfsops = 0;
xvfsp.vfc_next = 0;
return (SYSCTL_OUT(req, &xvfsp, sizeof(xvfsp)));
}
#endif