From a0c31b2ca39fdf06364553194ce725c4912265b3 Mon Sep 17 00:00:00 2001
From: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Date: Sat, 4 Jan 2020 07:38:37 +0200
Subject: libcamera: ipc_unixsocket: Don't send uninitialized bytes over the
 socket
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

IPCUnixSocket::send() sends a IPCUnixSocket::Header allocated on the
stack. All the fields of the header are initialized, but the padding
bytes are not. This results in random data being sent over the UNIX
socket, potentially leaking information.

Fix this by initializing the whole header to 0.

Fixes: 13dd7a01ecbe ("libcamera: ipc: unix: Add a IPC mechanism based on Unix sockets")
Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Reviewed-by: Niklas Söderlund <niklas.soderlund@ragnatech.se>
---
 src/libcamera/ipc_unixsocket.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/libcamera')

diff --git a/src/libcamera/ipc_unixsocket.cpp b/src/libcamera/ipc_unixsocket.cpp
index def08eef..eb1a5023 100644
--- a/src/libcamera/ipc_unixsocket.cpp
+++ b/src/libcamera/ipc_unixsocket.cpp
@@ -172,7 +172,7 @@ int IPCUnixSocket::send(const Payload &payload)
 	if (!isBound())
 		return -ENOTCONN;
 
-	Header hdr;
+	Header hdr = {};
 	hdr.data = payload.data.size();
 	hdr.fds = payload.fds.size();
 
-- 
cgit v1.2.1