[libcamera-devel] [PATCH] libcamera: ipc_unixsocket: Don't send uninitialized bytes over the socket
Niklas Söderlund
niklas.soderlund at ragnatech.se
Tue Jan 7 13:11:03 CET 2020
Hi Laurent,
Thanks for your patch.
On 2020-01-04 07:41:27 +0200, Laurent Pinchart wrote:
> IPCUnixSocket::send() sends a IPCUnixSocket::Header allocated on the
> stack. All the fields of the header are initialized, but the padding
> bytes are not. This results in random data being sent over the UNIX
> socket, potentially leaking information.
>
> Fix this by initializing the whole header to 0.
>
> Fixes: 13dd7a01ecbe ("libcamera: ipc: unix: Add a IPC mechanism based on Unix sockets")
> Signed-off-by: Laurent Pinchart <laurent.pinchart at ideasonboard.com>
Reviewed-by: Niklas Söderlund <niklas.soderlund at ragnatech.se>
> ---
> src/libcamera/ipc_unixsocket.cpp | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/libcamera/ipc_unixsocket.cpp b/src/libcamera/ipc_unixsocket.cpp
> index def08eef00f8..eb1a50239188 100644
> --- a/src/libcamera/ipc_unixsocket.cpp
> +++ b/src/libcamera/ipc_unixsocket.cpp
> @@ -172,7 +172,7 @@ int IPCUnixSocket::send(const Payload &payload)
> if (!isBound())
> return -ENOTCONN;
>
> - Header hdr;
> + Header hdr = {};
> hdr.data = payload.data.size();
> hdr.fds = payload.fds.size();
>
> --
> Regards,
>
> Laurent Pinchart
>
> _______________________________________________
> libcamera-devel mailing list
> libcamera-devel at lists.libcamera.org
> https://lists.libcamera.org/listinfo/libcamera-devel
--
Regards,
Niklas Söderlund
More information about the libcamera-devel
mailing list