[PATCH 1/1] crypto: user - fix leaking uninitialized memory to userspace
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Jan 25 11:33:07 UTC 2019
On Fri, Jan 25, 2019 at 09:26:53AM -0200, Thadeu Lima de Souza Cascardo wrote:
> On Fri, Jan 25, 2019 at 02:08:08AM +0000, Tyler Hicks wrote:
> > From: Eric Biggers <ebiggers at google.com>
> >
> > All bytes of the NETLINK_CRYPTO report structures must be initialized,
> > since they are copied to userspace. The change from strncpy() to
> > strlcpy() broke this. As a minimal fix, change it back.
>
> Why not using strscpy?
>
> Cascardo.
That would be commit 37db69e0b4923bff331820ee6969681937d8b065
("crypto: user - clean up report structure copying").
Thanks.
Cascardo.
More information about the kernel-team
mailing list