From: Vegard Nossum
Date: Sun, 30 Nov 2008 11:17:19 +0000 (+0100)
Subject: Bluetooth: Fix leak of uninitialized data to userspace
X-Git-Tag: v2.6.29-rc1~581^2~343^2~9
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c6bf514c6e0171c5b731beffaa0c4463e2335f3d;p=pandora-kernel.git

Bluetooth: Fix leak of uninitialized data to userspace

    struct hci_dev_list_req {
            __u16  dev_num;
            struct hci_dev_req dev_req[0];  /* hci_dev_req structures */
    };

sizeof(struct hci_dev_list_req) == 4, so the two bytes immediately
following "dev_num" will never be initialized. When this structure
is copied to userspace, these uninitialized bytes are leaked.

Fix by using kzalloc() instead of kmalloc(). Found using kmemcheck.

Signed-off-by: Vegard Nossum
Signed-off-by: Marcel Holtmann
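The padding leak described in the commit message, reproduced in userspace as an added example (not code from the commit or the kernel): a request is filled field by field and the bytes that were never written are counted. The `hci_dev_req` layout, the `POISON` marker and the helpers `alloc_dirty`, `alloc_zeroed` and `stale_bytes` are assumptions made for illustration; the function also covers the padding inside each `dev_req` entry, which goes beyond the two header bytes the message mentions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace mirrors of the kernel structs. The hci_dev_req layout is an
 * assumption (the page does not show it); dev_req[0] is written as dev_req[]. */
struct hci_dev_req { uint16_t dev_id; uint32_t dev_opt; };
struct hci_dev_list_req {
    uint16_t dev_num;
    struct hci_dev_req dev_req[];
};

#define POISON 0xA5 /* constructed marker standing in for stale heap contents */
/* Stand-in for kmalloc(): the buffer arrives holding old data. */
static void *alloc_dirty(size_t n)
{
    void *p = malloc(n);
    if (p) memset(p, POISON, n);
    return p;
}
static void *alloc_zeroed(size_t n) { return calloc(1, n); } /* stand-in for kzalloc() */

/* Fill the request by assigning named fields only, then count the bytes that
 * still hold POISON. Those are the bytes a copy_to_user() would disclose. */
static size_t stale_bytes(void *(*alloc)(size_t), uint16_t ndev)
{
    size_t size = sizeof(struct hci_dev_list_req) + ndev * sizeof(struct hci_dev_req);
    unsigned char *raw = alloc(size);
    volatile struct hci_dev_list_req *dl = (volatile void *)raw;
    size_t i, stale = 0;
    if (!raw) return (size_t)-1;
    dl->dev_num = ndev;              /* writes bytes 0-1, never bytes 2-3 */
    for (i = 0; i < ndev; i++) {
        dl->dev_req[i].dev_id = (uint16_t)i;
        dl->dev_req[i].dev_opt = 0;
    }
    for (i = 0; i < size; i++)
        stale += (raw[i] == POISON);
    free(raw);
    return stale;
}

int main(void)
{
    printf("sizeof=%zu kmalloc-like stale=%zu kzalloc-like stale=%zu\n",
           sizeof(struct hci_dev_list_req), stale_bytes(alloc_dirty, 0), stale_bytes(alloc_zeroed, 0));
    return 0;
}
```

The same counting approach works as a regression check for any struct that is copied to userspace: a non-zero count after field-wise initialization means padding or an unset member is being disclosed.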