From 72a763d805a48ac8c0bf48fdb510e84c12de51fe Mon Sep 17 00:00:00 2001
From: Mathias Krause <minipli@googlemail.com>
Date: Sun, 7 Apr 2013 14:05:39 +0200
Subject: crypto: algif - suppress sending source address information in
 recvmsg

The current code does not set the msg_namelen member to 0 and therefore
makes net/socket.c leak the local sockaddr_storage variable to userland
-- 128 bytes of kernel stack memory. Fix that.

Cc: <stable@vger.kernel.org> # 2.6.38
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/algif_hash.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'crypto/algif_hash.c')

diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c
index ef5356cd280a..0262210cad38 100644
--- a/crypto/algif_hash.c
+++ b/crypto/algif_hash.c
@@ -161,6 +161,8 @@ static int hash_recvmsg(struct kiocb *unused, struct socket *sock,
 	else if (len < ds)
 		msg->msg_flags |= MSG_TRUNC;
 
+	msg->msg_namelen = 0;
+
 	lock_sock(sk);
 	if (ctx->more) {
 		ctx->more = 0;
-- 
cgit v1.2.3