From 19714a8af8fe8618a9beace1f7a3bb10d55d5e2f Mon Sep 17 00:00:00 2001
From: Vasiliy Kulikov <segooon@gmail.com>
Date: Wed, 27 Oct 2010 15:34:21 -0700
Subject: drivers/char/applicom.c: fix information leak to userland

Structure st_loc is copied to userland with some fields unitialized.  It
leads to leaking of stack memory.

Signed-off-by: Vasiliy Kulikov <segooon@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---
 drivers/char/applicom.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'drivers/char')

diff --git a/drivers/char/applicom.c b/drivers/char/applicom.c
index e7ba774beda6..25373df1dcf8 100644
--- a/drivers/char/applicom.c
+++ b/drivers/char/applicom.c
@@ -566,6 +566,7 @@ static ssize_t ac_read (struct file *filp, char __user *buf, size_t count, loff_
 				struct mailbox mailbox;
 
 				/* Got a packet for us */
+				memset(&st_loc, 0, sizeof(st_loc));
 				ret = do_ac_read(i, buf, &st_loc, &mailbox);
 				spin_unlock_irqrestore(&apbs[i].mutex, flags);
 				set_current_state(TASK_RUNNING);
-- 
cgit v1.2.3-59-g8ed1b