ethtool: Use kcalloc instead of kmalloc for ethtool_get_strings

[ Upstream commit 077cb37f ] It seems that kernel memory can leak into userspace by a kmalloc, ethtool_get_strings, then copy_to_user sequence. Avoid this by using kcalloc to zero fill the copied buffer. Signed-off-by: Joe Perches <joe@perches.com> Acked-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

ethtool: Use kcalloc instead of kmalloc for ethtool_get_strings
[ Upstream commit 077cb37f ] It seems that kernel memory can leak into userspace by a kmalloc, ethtool_get_strings, then copy_to_user sequence. Avoid this by using kcalloc to zero fill the copied buffer. Signed-off-by: Joe Perches <joe@perches.com> Acked-by: Ben Hutchings <ben@decadent.org.uk> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
8c7a0e49 · Joe Perches · Greg Kroah-Hartman · 321e1179 · 8c7a0e49
Commit 8c7a0e49 authored Oct 14, 2015 by Joe Perches Committed by Greg Kroah-Hartman Oct 27, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

net/core/ethtool.c net/core/ethtool.c +1 -1

No files found.
--- a/net/core/ethtool.c
+++ b/net/core/ethtool.c
@@ -1080,7 +1080,7 @@ static int ethtool_get_strings(struct net_device *dev, void __user *useraddr)

 	gstrings.len = ret;

-	data = kmalloc(gstrings.len * ETH_GSTRING_LEN, GFP_USER);
+	data = kcalloc(gstrings.len, ETH_GSTRING_LEN, GFP_USER);
 	if (!data)
 		return -ENOMEM;