Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit b5f15ac4 authored by Vasiliy Kulikov's avatar Vasiliy Kulikov Committed by Patrick McHardy
Browse files

ipv4: netfilter: ip_tables: fix information leak to userland 



Structure ipt_getinfo is copied to userland with the field "name"
that has the last elements unitialized.  It leads to leaking of
contents of kernel stack memory.

Signed-off-by: default avatarVasiliy Kulikov <segooon@gmail.com>
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
parent 1a8b7a67

net/ipv4/netfilter/ip_tables.c

+1 −0
Original line number Diff line number Diff line
@@ -1124,6 +1124,7 @@ static int get_info(struct net *net, void __user *user, 
			private = &tmp;

		}

#endif

		memset(&info, 0, sizeof(info));

		info.valid_hooks = t->valid_hooks;

		memcpy(info.hook_entry, private->hook_entry,

		       sizeof(info.hook_entry));