Re: CVE-2014-9900 fix is not upstream

From: Lennart Sorensen
Date: Wed Aug 24 2016 - 10:03:26 EST


On Tue, Aug 23, 2016 at 10:25:45PM +0100, Al Viro wrote:
> Sadly, sizeof is what we use when copying that sucker to userland. So these
> padding bits in the end would've leaked, true enough, and the case is somewhat
> weaker. And any normal architecture will have those, but then any such
> architecture will have no more trouble zeroing a 32bit value than 16bit one.

Hmm, good point. Too bad I don't see a compiler option of "zero all
padding in structs". Certainly generating the code should not really
be that different.

I see someone did request it 2 years ago:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=63479

--
Len Sorensen
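
The leak discussed in this message, as an added example that is not part of the original thread: a sizeof-based copy hands tail padding to the caller unless the whole object is zeroed first. `struct reply`, `copy_out()` and the `STALE` fill byte are hypothetical stand-ins for a kernel reply structure, `copy_to_user()` and leftover stack contents.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical reply: 32-bit field then 16-bit field, so most ABIs add
 * 2 bytes of tail padding to keep the struct 4-byte aligned. */
struct reply {
    uint32_t supported;
    uint16_t flags;
};

#define STALE 0xAA /* constructed stand-in for leftover stack bytes */
#define FIELDS_END (offsetof(struct reply, flags) + sizeof(uint16_t))

/* Stand-in for copy_to_user(): copies sizeof bytes, padding included. */
static void copy_out(unsigned char *dst, const struct reply *src)
{
    memcpy(dst, src, sizeof(*src));
}

/* Count bytes after the last member that still carry stale data. */
static size_t stale_tail_bytes(const unsigned char *out)
{
    size_t n = 0;
    for (size_t i = FIELDS_END; i < sizeof(struct reply); i++)
        if (out[i] == STALE)
            n++;
    return n;
}

/* Build the reply in dirty storage; zero_first selects the memset() fix. */
static size_t fill_and_copy(int zero_first)
{
    struct reply r;
    unsigned char out[sizeof(r)];

    memset(&r, STALE, sizeof(r));   /* simulate an uninitialised stack slot */
    if (zero_first)
        memset(&r, 0, sizeof(r));   /* zero members and padding together */
    r.supported = 0x1;              /* member stores do not clear padding */
    r.flags = 0x2;
    copy_out(out, &r);
    return stale_tail_bytes(out);
}

int main(void)
{
    printf("stale bytes copied out, members only: %zu\n", fill_and_copy(0));
    printf("stale bytes copied out, memset first: %zu\n", fill_and_copy(1));
    return 0;
}
```

ISO C leaves padding bytes unspecified after a member store; the example relies on GCC and Clang leaving them untouched, which is the behaviour that makes the leak possible.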