diff options
author | Zhen Ni <zhen.ni@easystack.cn> | 2025-09-28 14:37:37 +0800 |
---|---|---|
committer | Dmitry Torokhov <dmitry.torokhov@gmail.com> | 2025-09-28 21:29:03 -0700 |
commit | d3366a04770eea807f2826cbdb96934dd8c9bf79 (patch) | |
tree | c784d41db269eb74c16f34c8a0ffc1e4867993ca /scripts/lib/kdoc/kdoc_re.py | |
parent | 52e06d564ce6a5f03177922b2fa5667781d5ff83 (diff) |
Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak
Struct ff_effect_compat is embedded twice inside
uinput_ff_upload_compat, contains internal padding. In particular, there
is a hole after struct ff_replay to satisfy alignment requirements for
the following union member. Without clearing the structure,
copy_to_user() may leak stack data to userspace.
Initialize ff_up_compat to zero before filling valid fields.
Fixes: 2d56f3a32c0e ("Input: refactor evdev 32bit compat to be shareable with uinput")
Cc: stable@vger.kernel.org
Signed-off-by: Zhen Ni <zhen.ni@easystack.cn>
Link: https://lore.kernel.org/r/20250928063737.74590-1-zhen.ni@easystack.cn
Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
Diffstat (limited to 'scripts/lib/kdoc/kdoc_re.py')
0 files changed, 0 insertions, 0 deletions