Re: [PATCH RESEND] cifs: use memzero_explicit to clear stack buffer
merged into cifs-2.6.git for-next On Tue, Jan 6, 2015 at 4:59 PM, Herbert Xu herb...@gondor.apana.org.au wrote: On Tue, Jan 06, 2015 at 10:37:00PM +0100, Giel van Schijndel wrote: When leaving a function use memzero_explicit instead of memset(0) to clear stack allocated buffers. memset(0) may be optimized away. This particular buffer is highly likely to contain sensitive data which we shouldn't leak (it's named 'passwd' after all). Signed-off-by: Giel van Schijndel m...@mortis.eu Reported-at: http://www.viva64.com/en/b/0299/ Reported-by: Andrey Karpov Reported-by: Svyatoslav Razmyslov Acked-by: Herbert Xu herb...@gondor.apana.org.au Thanks, -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- Thanks, Steve -- To unsubscribe from this list: send the line unsubscribe linux-cifs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH RESEND] cifs: use memzero_explicit to clear stack buffer
Looks fine to me - will merge into cifs-2.6.git On Tue, Jan 6, 2015 at 3:37 PM, Giel van Schijndel m...@mortis.eu wrote: When leaving a function use memzero_explicit instead of memset(0) to clear stack allocated buffers. memset(0) may be optimized away. This particular buffer is highly likely to contain sensitive data which we shouldn't leak (it's named 'passwd' after all). Signed-off-by: Giel van Schijndel m...@mortis.eu Reported-at: http://www.viva64.com/en/b/0299/ Reported-by: Andrey Karpov Reported-by: Svyatoslav Razmyslov --- fs/cifs/smbencrypt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/cifs/smbencrypt.c b/fs/cifs/smbencrypt.c index 6c15663..a4232ec 100644 --- a/fs/cifs/smbencrypt.c +++ b/fs/cifs/smbencrypt.c @@ -221,7 +221,7 @@ E_md4hash(const unsigned char *passwd, unsigned char *p16, } rc = mdfour(p16, (unsigned char *) wpwd, len * sizeof(__le16)); - memset(wpwd, 0, 129 * sizeof(__le16)); + memzero_explicit(wpwd, sizeof(wpwd)); return rc; } -- 2.1.4 -- Thanks, Steve -- To unsubscribe from this list: send the line unsubscribe linux-cifs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH RESEND] cifs: use memzero_explicit to clear stack buffer
On Tue, Jan 06, 2015 at 10:37:00PM +0100, Giel van Schijndel wrote: When leaving a function use memzero_explicit instead of memset(0) to clear stack allocated buffers. memset(0) may be optimized away. This particular buffer is highly likely to contain sensitive data which we shouldn't leak (it's named 'passwd' after all). Signed-off-by: Giel van Schijndel m...@mortis.eu Reported-at: http://www.viva64.com/en/b/0299/ Reported-by: Andrey Karpov Reported-by: Svyatoslav Razmyslov Acked-by: Herbert Xu herb...@gondor.apana.org.au Thanks, -- Email: Herbert Xu herb...@gondor.apana.org.au Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line unsubscribe linux-cifs in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html