xfrm_user: fix info leak in build_expire()
The memory reserved to dump the expired xfrm state includes padding bytes in struct xfrm_user_expire added by the compiler for alignment. To prevent the heap info leak, memset(0) the remainder of the struct. Initializing the whole structure isn't needed as copy_to_user_state() already takes care of clearing the padding bytes within the 'state' member. Signed-off-by: NMathias Krause <minipli@googlemail.com> Signed-off-by: NSteffen Klassert <steffen.klassert@secunet.com>
Showing
想要评论请 注册 或 登录