staging: wilc1000: fix infoleak in wilc_wfi_cfgoperations · d13829686b - Gogs: Go Git Service GfA electronic

staging: wilc1000: fix infoleak in wilc_wfi_cfgoperations

"mac" is an array allocated in stack without being initialized,
and will be sent out via "nla_put". The dump_station() is supposed
to initialize the mac address; otherwise, sensitive data in kernel
stack will be leaked. To fix this, copy the mac address to it.

Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Kangjie Lu 9 jaren geleden

bovenliggende

5c69585837

commit

d13829686b

1 gewijzigde bestanden met toevoegingen van 1 en 0 verwijderingen

Zij-aan-zij weergave Toon Diff Stats

						
							+ 1
							
							- 0
						
drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
							 
								Bestand weergeven
							
				@@ -1804,6 +1804,7 @@ static int dump_station(struct wiphy *wiphy, struct net_device *dev,
			
				 	wilc_get_rssi(vif, &sinfo->signal);
			
				+	memcpy(mac, priv->au8AssociatedBss, ETH_ALEN);
			
				 	return 0;
			
				 }