[patch] drm: potential info leak in compat_drm_getclient()
Dan Carpenter
dan.carpenter at oracle.com
Thu Sep 22 23:20:25 PDT 2011
Smatch has a new check for Rosenberg type information leaks where
structs are copied to the user with uninitialized stack data in them.
The c32.idx member wasn't initialized.
Signed-off-by: Dan Carpenter <dan.carpenter at oracle.com>
diff --git a/drivers/gpu/drm/drm_ioc32.c b/drivers/gpu/drm/drm_ioc32.c
index 4a058c7..050bd49 100644
--- a/drivers/gpu/drm/drm_ioc32.c
+++ b/drivers/gpu/drm/drm_ioc32.c
@@ -314,6 +314,7 @@ static int compat_drm_getclient(struct file *file, unsigned int cmd,
if (err)
return err;
+ c32.idx = idx;
if (__get_user(c32.auth, &client->auth)
|| __get_user(c32.pid, &client->pid)
|| __get_user(c32.uid, &client->uid)
More information about the dri-devel
mailing list