Re: [Security] [PATCH] xfs: prevent leaking uninitialized stack memory in FSGEOMETRY_V1

[Eugene Teo <eugeneteo@xxxxxxxxxx>]

On Thu, Feb 10, 2011 at 10:25 PM, Dan Rosenberg
<drosenberg@xxxxxxxxxxxxx> wrote:
> The FSGEOMETRY_V1 ioctl (and its compat equivalent) calls out to
> xfs_fs_geometry() with a version number of 3.  This code path does not
> fill in the logsunit member of the passed xfs_fsop_geom_t, leading to
> the leaking of four bytes of uninitialized stack data to potentially
> unprivileged callers.  Since all other members are filled in all code
> paths and there are no padding bytes in this structure, it's safe to
> avoid an expensive memset() in favor of just clearing this one field.
>
> Signed-off-by: Dan Rosenberg <drosenberg@xxxxxxxxxxxxx>

There are three callers to xfs_fs_geometry() with version number 3 and
4. I don't see any for version number 2, so this looks fine.

Reviewed-by: Eugene Teo <eugeneteo@xxxxxxxxxx>

Thanks, Eugene