[alsa-devel] [PATCH 1/2] ALSA: info: Avoid leaking kernel memory
David Henningsson
david.henningsson at canonical.com
Thu Mar 14 07:15:28 CET 2013
On 03/13/2013 05:36 PM, Takashi Iwai wrote:
> Make sure that the allocated buffer for reading the proc file won't
> expose the uncleared kernel memory.
This should go to stable too, due to the security implications of
leaking possibly sensitive information to userspace?
>
> Signed-off-by: Takashi Iwai <tiwai at suse.de>
> ---
> sound/core/info.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/sound/core/info.c b/sound/core/info.c
> index db308db..58e97b3 100644
> --- a/sound/core/info.c
> +++ b/sound/core/info.c
> @@ -89,7 +89,7 @@ static int resize_info_buffer(struct snd_info_buffer *buffer,
> char *nbuf;
>
> nsize = PAGE_ALIGN(nsize);
> - nbuf = krealloc(buffer->buffer, nsize, GFP_KERNEL);
> + nbuf = krealloc(buffer->buffer, nsize, GFP_KERNEL | __GFP_ZERO);
> if (! nbuf)
> return -ENOMEM;
>
> @@ -353,7 +353,7 @@ static int snd_info_entry_open(struct inode *inode, struct file *file)
> goto __nomem;
> data->rbuffer = buffer;
> buffer->len = PAGE_SIZE;
> - buffer->buffer = kmalloc(buffer->len, GFP_KERNEL);
> + buffer->buffer = kzalloc(buffer->len, GFP_KERNEL);
> if (buffer->buffer == NULL)
> goto __nomem;
> }
>
--
David Henningsson, Canonical Ltd.
https://launchpad.net/~diwic
More information about the Alsa-devel
mailing list