crypto: algif - suppress sending source address information in recvmsg

commit 72a763d805a48ac8c0bf48fdb510e84c12de51fe upstream. The current code does not set the msg_namelen member to 0 and therefore makes net/socket.c leak the local sockaddr_storage variable to userland -- 128 bytes of kernel stack memory. Fix that. Signed-off-by: Mathias Krause <minipli@googlemail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Mathias Krause <minipli@googlemail.com> 2013-04-07 14:05:39 +0200
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2013-04-25 21:23:48 -0700
commit: 0236d37edc0522f37b83eba35432815cd98789ff (patch)
tree: 7e7f5741ffae918b0c489fd0d7590ccd498463da /crypto
parent: 55aa9556812fe10d71bfe82ff61058a3a03cb0f6 (diff)
2 files changed, 3 insertions, 0 deletions
diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
index 62122a1a2f7a..fed2868e504f 100644
--- a/crypto/algif_hash.c
+++ b/crypto/algif_hash.c
@@ -159,6 +159,8 @@ static int hash_recvmsg(struct kiocb *unused, struct socket *sock,
 	else if (len < ds)
 		msg->msg_flags |= MSG_TRUNC;
 
+	msg->msg_namelen = 0;
+
 	lock_sock(sk);
 	if (ctx->more) {
 		ctx->more = 0;
diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
index 6a6dfc062d2a..a1c4f0a55583 100644
--- a/crypto/algif_skcipher.c
+++ b/crypto/algif_skcipher.c
@@ -432,6 +432,7 @@ static int skcipher_recvmsg(struct kiocb *unused, struct socket *sock,
 	long copied = 0;
 
 	lock_sock(sk);
+	msg->msg_namelen = 0;
 	for (iov = msg->msg_iov, iovlen = msg->msg_iovlen; iovlen > 0;
 	     iovlen--, iov++) {
 		unsigned long seglen = iov->iov_len;
author	Mathias Krause <minipli@googlemail.com>	2013-04-07 14:05:39 +0200
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2013-04-25 21:23:48 -0700
commit	0236d37edc0522f37b83eba35432815cd98789ff (patch)
tree	7e7f5741ffae918b0c489fd0d7590ccd498463da /crypto
parent	55aa9556812fe10d71bfe82ff61058a3a03cb0f6 (diff)