projects / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 17dbec0)
can: dev: prevent potential information leak in can_fill_info()
authorDan Carpenter <dan.carpenter@oracle.com>
Thu, 21 Jan 2021 06:08:05 +0000 (09:08 +0300)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 3 Feb 2021 22:28:50 +0000 (23:28 +0100)
[ Upstream commit b552766c872f5b0d90323b24e4c9e8fa67486dd5 ]

The "bec" struct isn't necessarily always initialized. For example, the
mcp251xfd_get_berr_counter() function doesn't initialize anything if the
interface is down.

Fixes: 52c793f24054 ("can: netlink support for bus-error reporting and counters")
Link: https://lore.kernel.org/r/YAkaRdRJncsJO8Ve@mwanda
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>
drivers/net/can/dev.c patch | blob | history

diff --git a/drivers/net/can/dev.c b/drivers/net/can/dev.c
index 09879ae..24cd3c1 100644 (file)
--- a/drivers/net/can/dev.c
+++ b/drivers/net/can/dev.c
@@ -1163,7 +1163,7 @@ static int can_fill_info(struct sk_buff *skb, const struct net_device *dev)
 {
        struct can_priv *priv = netdev_priv(dev);
        struct can_ctrlmode cm = {.flags = priv->ctrlmode};
-       struct can_berr_counter bec;
+       struct can_berr_counter bec = { };
        enum can_state state = priv->state;
 
        if (priv->do_get_state)