ChangeSet 1.1982.161.36, 2005/03/25 17:50:01-08:00, [EMAIL PROTECTED]
[PATCH] Suspected information leak (mem pages) in ext2
From: "Mathieu Lafon" <[EMAIL PROTECTED]>
I think I have discovered a potential security problem in ext2: when a
new directory is created, the ext2 block written to disk is not
initialized.
Included is a proposed patch for Linux 2.6 (ext2_make_empty() function):
CAN-2005-0400 is assigned to this issue.
Signed-off-by: Chris Wright <[EMAIL PROTECTED]>
dir.c | 1 +
1 files changed, 1 insertion(+)
diff -Nru a/fs/ext2/dir.c b/fs/ext2/dir.c
--- a/fs/ext2/dir.c 2005-03-26 11:30:03 -08:00
+++ b/fs/ext2/dir.c 2005-03-26 11:30:03 -08:00
@@ -592,6 +592,7 @@
goto fail;
}
kaddr = kmap_atomic(page, KM_USER0);
+ memset(kaddr, 0, chunk_size);
de = (struct ext2_dir_entry_2 *)kaddr;
de->name_len = 1;
de->rec_len = cpu_to_le16(EXT2_DIR_REC_LEN(1));
-
To unsubscribe from this list: send the line "unsubscribe bk-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
