Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/807033/?format=api
{ "id": 807033, "url": "http://patchwork.ozlabs.org/api/patches/807033/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/patch/1504002694-1931-6-git-send-email-steffen.klassert@secunet.com/", "project": { "id": 7, "url": "http://patchwork.ozlabs.org/api/projects/7/?format=api", "name": "Linux network development", "link_name": "netdev", "list_id": "netdev.vger.kernel.org", "list_email": "netdev@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1504002694-1931-6-git-send-email-steffen.klassert@secunet.com>", "list_archive_url": null, "date": "2017-08-29T10:31:32", "name": "[5/7] xfrm_user: fix info leak in xfrm_notify_sa()", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": true, "hash": "40844dd961193b29aa4fd0d511c3de58b41869c4", "submitter": { "id": 1442, "url": "http://patchwork.ozlabs.org/api/people/1442/?format=api", "name": "Steffen Klassert", "email": "steffen.klassert@secunet.com" }, "delegate": { "id": 34, "url": "http://patchwork.ozlabs.org/api/users/34/?format=api", "username": "davem", "first_name": "David", "last_name": "Miller", "email": "davem@davemloft.net" }, "mbox": "http://patchwork.ozlabs.org/project/netdev/patch/1504002694-1931-6-git-send-email-steffen.klassert@secunet.com/mbox/", "series": [ { "id": 343, "url": "http://patchwork.ozlabs.org/api/series/343/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/list/?series=343", "date": "2017-08-29T10:31:28", "name": "[1/7] net: xfrm: don't double-hold dst when sk_policy in use.", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/343/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/807033/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/807033/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<netdev-owner@vger.kernel.org>", "X-Original-To": "patchwork-incoming@ozlabs.org", "Delivered-To": "patchwork-incoming@ozlabs.org", "Authentication-Results": "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)", "Received": [ "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xhQSG5fw3z9t4X\n\tfor <patchwork-incoming@ozlabs.org>;\n\tTue, 29 Aug 2017 20:51:45 +1000 (AEST)", "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1752292AbdH2Kby (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tTue, 29 Aug 2017 06:31:54 -0400", "from a.mx.secunet.com ([62.96.220.36]:50688 \"EHLO a.mx.secunet.com\"\n\trhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP\n\tid S1752246AbdH2Kbo (ORCPT <rfc822;netdev@vger.kernel.org>);\n\tTue, 29 Aug 2017 06:31:44 -0400", "from localhost (localhost [127.0.0.1])\n\tby a.mx.secunet.com (Postfix) with ESMTP id 361D2201A7;\n\tTue, 29 Aug 2017 12:31:43 +0200 (CEST)", "from a.mx.secunet.com ([127.0.0.1])\n\tby localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024)\n\twith ESMTP id kxQuIh5ule25; Tue, 29 Aug 2017 12:31:42 +0200 (CEST)", "from mail-essen-01.secunet.de (mail-essen-01.secunet.de\n\t[10.53.40.204])\n\t(using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby a.mx.secunet.com (Postfix) with ESMTPS id DDC1A20184;\n\tTue, 29 Aug 2017 12:31:41 +0200 (CEST)", "from gauss2.secunet.de (10.182.7.193) by mail-essen-01.secunet.de\n\t(10.53.40.204) with Microsoft SMTP Server id 14.3.361.1;\n\tTue, 29 Aug 2017 12:31:41 +0200", "by gauss2.secunet.de (Postfix, from userid 1000) id 4798C14058B;\n\tTue, 29 Aug 2017 12:31:41 +0200 (CEST)" ], "X-Virus-Scanned": "by secunet", "From": "Steffen Klassert <steffen.klassert@secunet.com>", "To": "David Miller <davem@davemloft.net>", "CC": "Herbert Xu <herbert@gondor.apana.org.au>,\n\tSteffen Klassert <steffen.klassert@secunet.com>, <netdev@vger.kernel.org>", "Subject": "[PATCH 5/7] xfrm_user: fix info leak in xfrm_notify_sa()", "Date": "Tue, 29 Aug 2017 12:31:32 +0200", "Message-ID": "<1504002694-1931-6-git-send-email-steffen.klassert@secunet.com>", "X-Mailer": "git-send-email 2.7.4", "In-Reply-To": "<1504002694-1931-1-git-send-email-steffen.klassert@secunet.com>", "References": "<1504002694-1931-1-git-send-email-steffen.klassert@secunet.com>", "MIME-Version": "1.0", "Content-Type": "text/plain", "X-G-Data-MailSecurity-for-Exchange-State": "0", "X-G-Data-MailSecurity-for-Exchange-Error": "0", "X-G-Data-MailSecurity-for-Exchange-Sender": "23", "X-G-Data-MailSecurity-for-Exchange-Server": "d65e63f7-5c15-413f-8f63-c0d707471c93", "X-EXCLAIMER-MD-CONFIG": "2c86f778-e09b-4440-8b15-867914633a10", "X-G-Data-MailSecurity-for-Exchange-Guid": "4B86F3AB-6C14-4B2A-9D4B-C324B3941653", "Sender": "netdev-owner@vger.kernel.org", "Precedence": "bulk", "List-ID": "<netdev.vger.kernel.org>", "X-Mailing-List": "netdev@vger.kernel.org" }, "content": "From: Mathias Krause <minipli@googlemail.com>\n\nThe memory reserved to dump the ID of the xfrm state includes a padding\nbyte in struct xfrm_usersa_id added by the compiler for alignment. To\nprevent the heap info leak, memset(0) the whole struct before filling\nit.\n\nCc: Herbert Xu <herbert@gondor.apana.org.au>\nFixes: 0603eac0d6b7 (\"[IPSEC]: Add XFRMA_SA/XFRMA_POLICY for delete notification\")\nSigned-off-by: Mathias Krause <minipli@googlemail.com>\nSigned-off-by: Steffen Klassert <steffen.klassert@secunet.com>\n---\n net/xfrm/xfrm_user.c | 1 +\n 1 file changed, 1 insertion(+)", "diff": "diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c\nindex 3259555..c33516e 100644\n--- a/net/xfrm/xfrm_user.c\n+++ b/net/xfrm/xfrm_user.c\n@@ -2715,6 +2715,7 @@ static int xfrm_notify_sa(struct xfrm_state *x, const struct km_event *c)\n \t\tstruct nlattr *attr;\n \n \t\tid = nlmsg_data(nlh);\n+\t\tmemset(id, 0, sizeof(*id));\n \t\tmemcpy(&id->daddr, &x->id.daddr, sizeof(id->daddr));\n \t\tid->spi = x->id.spi;\n \t\tid->family = x->props.family;\n", "prefixes": [ "5/7" ] }