blob: 825083b74160d2b0dba1152137b56f24b126a342 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
From 81d3106cf8f09c79fe20ad7d234d7e1dda27bddb Mon Sep 17 00:00:00 2001
From: Lee Duncan <lduncan@suse.com>
Date: Fri, 15 Dec 2017 11:11:17 -0800
Subject: [PATCH 3/7] Ensure all fields in iscsiuio IPC response are set
Make sure all fields in the response strcuture are set,
or info from the stack can be leaked to our caller.
Found by Qualsys.
CVE: CVE-2017-17840
Upstream-Status: Backport
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
---
iscsiuio/src/unix/iscsid_ipc.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/iscsiuio/src/unix/iscsid_ipc.c b/iscsiuio/src/unix/iscsid_ipc.c
index dfdae63..61e96cc 100644
--- a/iscsiuio/src/unix/iscsid_ipc.c
+++ b/iscsiuio/src/unix/iscsid_ipc.c
@@ -960,6 +960,8 @@ int process_iscsid_broadcast(int s2)
LOG_DEBUG(PFX "recv iscsid request: cmd: %d, payload_len: %d",
cmd, payload_len);
+ memset(&rsp, 0, sizeof(rsp));
+
switch (cmd) {
case ISCSID_UIP_IPC_GET_IFACE:
size = fread(&data->u.iface_rec, payload_len, 1, fd);
--
1.9.1
|
