From: xidongwang <[email protected]> ib_uverbs_create_ah() may copy stack allocated structs to userspace without initializing all members of these structs. Clear out this memory to prevent information leaks.
Signed-off-by: xidongwang <[email protected]> --- drivers/infiniband/core/uverbs_cmd.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c index b48b3f6..04861e6 100644 --- a/drivers/infiniband/core/uverbs_cmd.c +++ b/drivers/infiniband/core/uverbs_cmd.c @@ -2481,6 +2481,7 @@ static int ib_uverbs_create_ah(struct uverbs_attr_bundle *attrs) uobj->user_handle = cmd.user_handle; uobj->object = ah; + memset(&resp, 0, sizeof(resp)); resp.ah_handle = uobj->id; ret = uverbs_response(attrs, &resp, sizeof(resp)); -- 2.7.4
