WSL2-Linux-Kernel/net/caif
Mathias Krause 2d6fbfe733 caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg()
The current code does not fill the msg_name member in case it is set.
It also does not set the msg_namelen member to 0 and therefore makes
net/socket.c leak the local, uninitialized sockaddr_storage variable
to userland -- 128 bytes of kernel stack memory.

Fix that by simply setting msg_namelen to 0 as obviously nobody cared
about caif_seqpkt_recvmsg() not filling the msg_name in case it was
set.

Cc: Sjur Braendeland <sjur.brandeland@stericsson.com>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-04-07 16:28:01 -04:00
..
Kconfig Kconfig: replace "--- help ---" with "---help---" 2012-05-07 15:01:22 +02:00
Makefile
caif_dev.c caif_dev: fix sparse warnings for caif_flow_cb 2013-03-03 01:43:48 -05:00
caif_socket.c caif: Fix missing msg_namelen update in caif_seqpkt_recvmsg() 2013-04-07 16:28:01 -04:00
caif_usb.c CAIF: fix sparse warning for caif_usb 2013-03-04 14:12:07 -05:00
cfcnfg.c treewide: Fix typo in various drivers 2013-01-09 11:43:32 +01:00
cfctrl.c caif: Remove redundant null check before kfree in cfctrl.c 2012-11-20 13:48:09 -05:00
cfdbgl.c
cfdgml.c
cffrml.c
cfmuxl.c
cfpkt_skbuff.c
cfrfml.c
cfserl.c
cfsrvl.c caif: move the dereference below the NULL test 2012-09-10 16:13:31 -04:00
cfutill.c
cfveil.c
cfvidl.c
chnl_net.c caif: Do not dereference NULL in chnl_recv_cb() 2012-08-20 02:47:49 -07:00