rtnl: fix info leak on RTM_GETLINK request for VF devices Initialize the mac address buffer with 0 as the driver specific function will probably not fill the whole buffer. In fact, all in-kernel drivers fill only ETH_ALEN of the MAX_ADDR_LEN bytes, i.e. 6 of the 32 possible bytes. Therefore we currently leak 26 bytes of stack memory to userland via the netlink interface. Signed-off-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 84d73cd3fb142bf1298a8c13fd4ca50fd2432372 [log] [tgz]
author: Mathias Krause <minipli@googlemail.com> Sat Mar 09 05:52:20 2013 +0000
committer: David S. Miller <davem@davemloft.net> Sun Mar 10 05:19:26 2013 -0400
tree: 8575649889787ab0ba141927e4e1d3c1d0c43f68
parent: c085c49920b2f900ba716b4ca1c1a55ece9872cc [diff]
diff --git a/net/core/rtnetlink.c b/net/core/rtnetlink.c
index b376410..a585d45 100644
--- a/net/core/rtnetlink.c
+++ b/net/core/rtnetlink.c

@@ -979,6 +979,7 @@
 			 * report anything.
 			 */
 			ivi.spoofchk = -1;
+			memset(ivi.mac, 0, sizeof(ivi.mac));
 			if (dev->netdev_ops->ndo_get_vf_config(dev, i, &ivi))
 				break;
 			vf_mac.vf =
commit	84d73cd3fb142bf1298a8c13fd4ca50fd2432372	[log] [tgz]
author	Mathias Krause <minipli@googlemail.com>	Sat Mar 09 05:52:20 2013 +0000
committer	David S. Miller <davem@davemloft.net>	Sun Mar 10 05:19:26 2013 -0400
tree	8575649889787ab0ba141927e4e1d3c1d0c43f68
parent	c085c49920b2f900ba716b4ca1c1a55ece9872cc [diff]