This is a note to let you know that I've just added the patch titled

    firewire: core: fix an information leak

to the 2.6.32-stable tree which can be found at:
    
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     firewire-core-fix-an-information-leak.patch
and it can be found in the queue-2.6.32 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <[email protected]> know about it.


>From 137d9ebfdbaa45c01f9f0f6d5121ae6f1eb942bd Mon Sep 17 00:00:00 2001
From: Stefan Richter <[email protected]>
Date: Fri, 19 Feb 2010 21:00:02 +0100
Subject: firewire: core: fix an information leak

From: Stefan Richter <[email protected]>

commit 137d9ebfdbaa45c01f9f0f6d5121ae6f1eb942bd upstream.

If a device exposes a sparsely populated configuration ROM,
firewire-core's sysfs interface and character device file interface
showed random data in the gaps between config ROM blocks.  Fix this by
zero-initialization of the config ROM reader's scratch buffer.

Signed-off-by: Stefan Richter <[email protected]>
Cc: maximilian attems <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>

---
 drivers/firewire/core-device.c |    1 +
 1 file changed, 1 insertion(+)

--- a/drivers/firewire/core-device.c
+++ b/drivers/firewire/core-device.c
@@ -463,6 +463,7 @@ static int read_bus_info_block(struct fw
                return -ENOMEM;
 
        stack = &rom[READ_BIB_ROM_SIZE];
+       memset(rom, 0, sizeof(*rom) * READ_BIB_ROM_SIZE);
 
        device->max_speed = SCODE_100;
 


Patches currently in stable-queue which might be from [email protected] 
are

queue-2.6.32/firewire-ohci-fix-race-in-ar-split-packet-handling.patch
queue-2.6.32/firewire-cdev-fix-information-leak.patch
queue-2.6.32/firewire-core-fix-an-information-leak.patch
queue-2.6.32/firewire-ohci-fix-buffer-overflow-in-ar-split-packet-handling.patch

_______________________________________________
stable mailing list
[email protected]
http://linux.kernel.org/mailman/listinfo/stable

Reply via email to