[email protected] writes:
...
> I haven't chased through the code in detail - will this change ensure that
> all ETH_ZLEN bytes are initialized? We had a bunch of drivers a few years
> ago that set the length to the legal min, but then only copied some smaller
> number of bytes in, resulting in leakage of kernel memory contents....
No, it looks like alloc_skb just kmallocs the data, so I'd need to
follow up with something like this:
diff -rN -u old-aoe-2.6-stand/linux/drivers/block/aoe/aoecmd.c new-aoe-2.6-stand/linux/drivers/block/aoe/aoecmd.c
--- old-aoe-2.6-stand/linux/drivers/block/aoe/aoecmd.c 2005-09-26 18:25:19.000000000 -0400
+++ new-aoe-2.6-stand/linux/drivers/block/aoe/aoecmd.c 2005-09-26 17:08:21.000000000 -0400
@@ -26,6 +26,7 @@
skb = alloc_skb(len, GFP_ATOMIC);
if (skb) {
+ memset(skb->head, 0, skb->end - skb->head);
skb->nh.raw = skb->mac.raw = skb->data;
skb->dev = if_dev;
skb->protocol = __constant_htons(ETH_P_AOE);
--
Ed L Cashin <[email protected]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |