Blame SOURCES/open-iscsi-2.0.875-16-Ensure-all-fields-in-iscsiuio-IPC-response-are-set.patch
|
 |
e88930 |
From be58eed849f5457bb49b79e94aa6a26971ba6deb Mon Sep 17 00:00:00 2001
|
|
|
e88930 |
From: Lee Duncan <lduncan@suse.com>
|
|
|
e88930 |
Date: Fri, 15 Dec 2017 11:11:17 -0800
|
|
|
e88930 |
Subject: [PATCH] Ensure all fields in iscsiuio IPC response are set
|
|
|
e88930 |
|
|
|
e88930 |
Make sure all fields in the response strcuture are set,
|
|
|
e88930 |
or info from the stack can be leaked to our caller.
|
|
|
e88930 |
Found by Qualsys.
|
|
|
e88930 |
---
|
|
|
e88930 |
iscsiuio/src/unix/iscsid_ipc.c | 2 ++
|
|
|
e88930 |
1 file changed, 2 insertions(+)
|
|
|
e88930 |
|
|
|
e88930 |
diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
|
|
|
e88930 |
index b5d7051b0558..c3b10e03774a 100644
|
|
|
e88930 |
--- a/iscsiuio/src/unix/iscsid_ipc.c
|
|
|
e88930 |
+++ b/iscsiuio/src/unix/iscsid_ipc.c
|
|
|
e88930 |
@@ -955,6 +955,8 @@ int process_iscsid_broadcast(int s2)
|
|
|
e88930 |
LOG_DEBUG(PFX "recv iscsid request: cmd: %d, payload_len: %d",
|
|
|
e88930 |
cmd, payload_len);
|
|
|
e88930 |
|
|
|
e88930 |
+ memset(&rsp, 0, sizeof(rsp));
|
|
|
e88930 |
+
|
|
|
e88930 |
switch (cmd) {
|
|
|
e88930 |
case ISCSID_UIP_IPC_GET_IFACE:
|
|
|
e88930 |
size = fread(&data->u.iface_rec, payload_len, 1, fd);
|
|
|
e88930 |
--
|
|
|
e88930 |
2.17.2
|
|
|
e88930 |
|