Commit 077cb37f authored Oct 14, 2015 by Joe Perches Committed by David S. Miller Oct 14, 2015

ethtool: Use kcalloc instead of kmalloc for ethtool_get_strings



It seems that kernel memory can leak into userspace by a
kmalloc, ethtool_get_strings, then copy_to_user sequence.

Avoid this by using kcalloc to zero fill the copied buffer.

Signed-off-by: Joe Perches <joe@perches.com>
Acked-by: Ben Hutchings <ben@decadent.org.uk>
Signed-off-by: David S. Miller <davem@davemloft.net>

parent ef41a2ce

net/core/ethtool.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -1284,7 +1284,7 @@ static int ethtool_get_strings(struct net_device dev, void __user useraddr)

		gstrings.len = ret;

		data = kmalloc(gstrings.len * ETH_GSTRING_LEN, GFP_USER);
		data = kcalloc(gstrings.len, ETH_GSTRING_LEN, GFP_USER);
		if (!data)
		return -ENOMEM;