From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <newlib-cvs-return-4012-listarch-newlib-cvs=sources.redhat.com@sourceware.org>
Received: (qmail 70117 invoked by alias); 20 Dec 2018 11:13:31 -0000
Mailing-List: contact newlib-cvs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <newlib-cvs.sourceware.org>
List-Subscribe: <mailto:newlib-cvs-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/newlib-cvs/>
List-Post: <mailto:newlib-cvs@sourceware.org>
List-Help: <mailto:newlib-cvs-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: newlib-cvs-owner@sourceware.org
Received: (qmail 70037 invoked by uid 10080); 20 Dec 2018 11:13:29 -0000
Date: Thu, 20 Dec 2018 11:13:00 -0000
Message-ID: <20181220111329.70034.qmail@sourceware.org>
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Sebastian Huber <sh@sourceware.org>
To: newlib-cvs@sourceware.org
Subject: [newlib-cygwin] Plug routing sysctl leaks.
X-Act-Checkin: newlib-cygwin
X-Git-Author: markj <markj@FreeBSD.org>
X-Git-Refname: refs/heads/master
X-Git-Oldrev: a091d5da63f6711fe046e2a0f63d917e3b5254d4
X-Git-Newrev: 44756a36abd7157937d2ef9e862300fb3282d655
X-SW-Source: 2018-q4/txt/msg00042.txt.bz2

https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=44756a36abd7157937d2ef9e862300fb3282d655

commit 44756a36abd7157937d2ef9e862300fb3282d655
Author: markj <markj@FreeBSD.org>
Date:   Mon Nov 26 13:42:18 2018 +0000

    Plug routing sysctl leaks.
    
    Various structures exported by sysctl_rtsock() contain padding fields
    which were not being zeroed.
    
    Reported by:	Thomas Barabosch, Fraunhofer FKIE
    Reviewed by:	ae
    MFC after:	3 days
    Security:	kernel memory disclosure
    Sponsored by:	The FreeBSD Foundation
    Differential Revision:	https://reviews.freebsd.org/D18333

Diff:
---
 newlib/libc/sys/rtems/include/net/if.h | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/newlib/libc/sys/rtems/include/net/if.h b/newlib/libc/sys/rtems/include/net/if.h
index 54bb909..a9b875c 100644
--- a/newlib/libc/sys/rtems/include/net/if.h
+++ b/newlib/libc/sys/rtems/include/net/if.h
@@ -29,7 +29,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)if.h	8.1 (Berkeley) 6/10/93
- * $FreeBSD: head/sys/net/if.h 333502 2018-05-11 20:08:28Z mmacy $
+ * $FreeBSD: head/sys/net/if.h 340968 2018-11-26 13:42:18Z markj $
  */
 
 #ifndef _NET_IF_H_
@@ -271,6 +271,7 @@ struct if_msghdr {
 	int	ifm_addrs;	/* like rtm_addrs */
 	int	ifm_flags;	/* value of if_flags */
 	u_short	ifm_index;	/* index for associated ifp */
+	u_short	_ifm_spare1;
 	struct	if_data ifm_data;/* statistics and other data about if */
 };
 
@@ -296,6 +297,7 @@ struct if_msghdrl {
 	u_short _ifm_spare1;	/* spare space to grow if_index, see if_var.h */
 	u_short	ifm_len;	/* length of if_msghdrl incl. if_data */
 	u_short	ifm_data_off;	/* offset of if_data from beginning */
+	int	_ifm_spare2;
 	struct	if_data ifm_data;/* statistics and other data about if */
 };
 
@@ -311,6 +313,7 @@ struct ifa_msghdr {
 	int	ifam_addrs;	/* like rtm_addrs */
 	int	ifam_flags;	/* value of ifa_flags */
 	u_short	ifam_index;	/* index for associated ifp */
+	u_short	_ifam_spare1;
 	int	ifam_metric;	/* value of ifa_ifp->if_metric */
 };
 
@@ -352,6 +355,7 @@ struct ifma_msghdr {
 	int	ifmam_addrs;	/* like rtm_addrs */
 	int	ifmam_flags;	/* value of ifa_flags */
 	u_short	ifmam_index;	/* index for associated ifp */
+	u_short	_ifmam_spare1;
 };
 
 /*