mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity

[PATCH] Suspected information leak (mem pages) in ext2 

I think I have discovered a potential security problem in ext2: when a
new directory is created, the ext2 block written to disk is not
initialized.

Included is a proposed patch for Linux 2.6 (ext2_make_empty() function):

CAN-2005-0400 is assigned to this issue.

Signed-off-by: Chris Wright <chrisw@osdl.org>
This commit is contained in:
Mathieu Lafon 2005-03-25 17:50:01 -08:00 committed by Greg KH
parent ff8b1b95f7
commit 719f9e713a
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
fs/ext2/dir.c
View File

@ -592,6 +592,7 @@ int ext2_make_empty(struct inode *inode, struct inode *parent)
goto fail;
}
kaddr = kmap_atomic(page, KM_USER0);
memset(kaddr, 0, chunk_size);
de = (struct ext2_dir_entry_2 *)kaddr;
de->name_len = 1;
de->rec_len = cpu_to_le16(EXT2_DIR_REC_LEN(1));