Re: [RFC][PATCH] inotify 0.13

From: Robert Love
Date: Wed Oct 06 2004 - 17:36:50 EST

Next message: David S. Miller: "Re: UDP recvmsg blocks after select(), 2.6 bug?"
Previous message: Chris Friesen: "Re: UDP recvmsg blocks after select(), 2.6 bug?"
In reply to: Robert Love: "Re: [RFC][PATCH] inotify 0.13"
Next in thread: Robert Love: "Re: [RFC][PATCH] inotify 0.13"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Everything sent to user-space needs to be zeroed out first, to prevent
leaking random kernel memory. So, we need to zero out the
inotify_kernel_event structure after allocating it.

We need to do this even though we initialize the fields in case of
structure padding. Also, the filename field.

Patch is attached, on top of 0.13.1.

Robert Love

Signed-Off-By: Robert Love <rml@xxxxxxxxxx>

drivers/char/inotify.c | 3 +++
1 files changed, 3 insertions(+)

diff -urN linux-inotify-0.13/drivers/char/inotify.c linux/drivers/char/inotify.c
--- linux-inotify-0.13/drivers/char/inotify.c 2004-10-06 16:47:54.000000000 -0400
+++ linux/drivers/char/inotify.c 2004-10-06 18:20:55.604363400 -0400
@@ -140,6 +140,9 @@
goto out;
}

+ /* we hand this out to user-space, so zero it out just in case */
+ memset(kevent, 0, sizeof(struct inotify_kernel_event));
+
iprintk(INOTIFY_DEBUG_ALLOC, "alloced kevent %p (%d,%d)\n",
kevent, wd, mask);

Next message: David S. Miller: "Re: UDP recvmsg blocks after select(), 2.6 bug?"
Previous message: Chris Friesen: "Re: UDP recvmsg blocks after select(), 2.6 bug?"
In reply to: Robert Love: "Re: [RFC][PATCH] inotify 0.13"
Next in thread: Robert Love: "Re: [RFC][PATCH] inotify 0.13"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]