Skip to content

Commit

Permalink
UPSTREAM: video: fbdev: aty: do not leak uninitialized padding in clk…
Browse files Browse the repository at this point in the history 
… to userspace

'clk' is copied to a userland with padding byte(s) after 'vclk_post_div'
field unitialized, leaking data from the stack. Fix this ensuring all of
'clk' is initialized to zero.

BUG=chromium:762904
TEST=Build and run

Change-Id: I414c8ad7057bfb560bfd15d5342e45e4ea0edb52
References: torvalds/linux#441
Reported-by: sohu0106 <sohu0106@126.com>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
Signed-off-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@samsung.com>
Signed-off-by: Guenter Roeck <groeck@chromium.org>
(cherry picked from commit 8e75f7a)
Reviewed-on: https://chromium-review.googlesource.com/673347
Reviewed-by: Dmitry Torokhov <dtor@chromium.org>
  • Loading branch information
@nefigtut
nefigtut authored and chrome-bot committed Sep 19, 2017
1 parent ec361ef commit 30e775d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion drivers/video/fbdev/aty/atyfb_base.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1861,7 +1861,7 @@ static int atyfb_ioctl(struct fb_info *info, u_int cmd, u_long arg)
#if defined(DEBUG) && defined(CONFIG_FB_ATY_CT)
case ATYIO_CLKR:
if (M64_HAS(INTEGRATED)) {
struct atyclk clk;
struct atyclk clk = { 0 };
union aty_pll *pll = &par->pll;
u32 dsp_config = pll->ct.dsp_config;
u32 dsp_on_off = pll->ct.dsp_on_off;
Expand Down

0 comments on commit 30e775d

Please sign in to comment.