From: Dan Carpenter <dan.carpenter@oracle.com>
Date: Tue, 29 Jun 2021 08:19:44 +0000 (+0300)
Subject: sctp: prevent info leak in sctp_make_heartbeat()
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=a34dcbfa1475f18a8f1b1dc3dedb76d746874e61;p=linux.git

sctp: prevent info leak in sctp_make_heartbeat()

The "hbinfo" struct has a 4 byte hole at the end so we have to zero it
out to prevent stack information from being disclosed.

Fixes: fe59379b9ab7 ("sctp: do the basic send and recv for PLPMTUD probe")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---

diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c
index 6c08e5048d383..b8fa8f1a72770 100644
--- a/net/sctp/sm_make_chunk.c
+++ b/net/sctp/sm_make_chunk.c
@@ -1163,7 +1163,7 @@ struct sctp_chunk *sctp_make_heartbeat(const struct sctp_association *asoc,
 				       const struct sctp_transport *transport,
 				       __u32 probe_size)
 {
-	struct sctp_sender_hb_info hbinfo;
+	struct sctp_sender_hb_info hbinfo = {};
 	struct sctp_chunk *retval;
 
 	retval = sctp_make_control(asoc, SCTP_CID_HEARTBEAT, 0,