summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVasiliy Kulikov <segooon@gmail.com>2010-11-03 08:45:06 +0100
committerPatrick McHardy <kaber@trash.net>2010-11-03 08:45:06 +0100
commitb5f15ac4f89f84853544c934fc7a744289e95e34 (patch)
tree35f89a706003f9e9343bd63fc5d560cf33a579a7
parent1a8b7a67224eb0c9dbd883b9bfc4938278bad370 (diff)
ipv4: netfilter: ip_tables: fix information leak to userland
Structure ipt_getinfo is copied to userland with the field "name" that has the last elements unitialized. It leads to leaking of contents of kernel stack memory. Signed-off-by: Vasiliy Kulikov <segooon@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
-rw-r--r--net/ipv4/netfilter/ip_tables.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index d31b007a6d80..a846d633b3b6 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1124,6 +1124,7 @@ static int get_info(struct net *net, void __user *user,
private = &tmp;
}
#endif
+ memset(&info, 0, sizeof(info));
info.valid_hooks = t->valid_hooks;
memcpy(info.hook_entry, private->hook_entry,
sizeof(info.hook_entry));