[{"id":3341,"web_url":"https://patchwork.libcamera.org/comment/3341/","msgid":"<20200107121103.GA521610@oden.dyn.berto.se>","date":"2020-01-07T12:11:03","subject":"Re: [libcamera-devel] [PATCH] libcamera: ipc_unixsocket: Don't send\n\tuninitialized bytes over the socket","submitter":{"id":5,"url":"https://patchwork.libcamera.org/api/people/5/","name":"Niklas Söderlund","email":"niklas.soderlund@ragnatech.se"},"content":"Hi Laurent,\n\nThanks for your patch.\n\nOn 2020-01-04 07:41:27 +0200, Laurent Pinchart wrote:\n> IPCUnixSocket::send() sends a IPCUnixSocket::Header allocated on the\n> stack. All the fields of the header are initialized, but the padding\n> bytes are not. This results in random data being sent over the UNIX\n> socket, potentially leaking information.\n> \n> Fix this by initializing the whole header to 0.\n> \n> Fixes: 13dd7a01ecbe (\"libcamera: ipc: unix: Add a IPC mechanism based on Unix sockets\")\n> Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>\n\nReviewed-by: Niklas Söderlund <niklas.soderlund@ragnatech.se>\n\n> ---\n>  src/libcamera/ipc_unixsocket.cpp | 2 +-\n>  1 file changed, 1 insertion(+), 1 deletion(-)\n> \n> diff --git a/src/libcamera/ipc_unixsocket.cpp b/src/libcamera/ipc_unixsocket.cpp\n> index def08eef00f8..eb1a50239188 100644\n> --- a/src/libcamera/ipc_unixsocket.cpp\n> +++ b/src/libcamera/ipc_unixsocket.cpp\n> @@ -172,7 +172,7 @@ int IPCUnixSocket::send(const Payload &payload)\n>  \tif (!isBound())\n>  \t\treturn -ENOTCONN;\n>  \n> -\tHeader hdr;\n> +\tHeader hdr = {};\n>  \thdr.data = payload.data.size();\n>  \thdr.fds = payload.fds.size();\n>  \n> -- \n> Regards,\n> \n> Laurent Pinchart\n> \n> _______________________________________________\n> libcamera-devel mailing list\n> libcamera-devel@lists.libcamera.org\n> https://lists.libcamera.org/listinfo/libcamera-devel","headers":{"Return-Path":"<niklas.soderlund@ragnatech.se>","Received":["from mail-lf1-x143.google.com (mail-lf1-x143.google.com\n\t[IPv6:2a00:1450:4864:20::143])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id C5A1060461\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tTue,  7 Jan 2020 13:11:06 +0100 (CET)","by mail-lf1-x143.google.com with SMTP id n25so38726610lfl.0\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tTue, 07 Jan 2020 04:11:06 -0800 (PST)","from localhost (h-93-159.A463.priv.bahnhof.se. [46.59.93.159])\n\tby smtp.gmail.com with ESMTPSA id\n\tq11sm22978812ljm.76.2020.01.07.04.11.04\n\t(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n\tTue, 07 Jan 2020 04:11:04 -0800 (PST)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=ragnatech-se.20150623.gappssmtp.com; s=20150623;\n\th=date:from:to:cc:subject:message-id:references:mime-version\n\t:content-disposition:content-transfer-encoding:in-reply-to;\n\tbh=WQ8F51v3fuElUrx/nokS6EzFKYoIUQnA5COEEDhIQCQ=;\n\tb=nn4fUL53WAZ3As+P+lAZNe7Cp0Hj8FFcWQh/+9qn+0jKnJ7V2LGbjY3vzg2rrQjz54\n\t3XwuMoIrG4SprWr7m6VJTx8XGorc1FjD+eWTVOKVOVB+8RmCx4utaRw53Yi/4Emc6bLR\n\tLGGyeMIsy351AKn6N4RN1/PF3643PAp3973Amu97KEKz3lNDImVwv062t+brX8SNVQun\n\t/Uplq7/fmI/sBa9u2w/t7xrs/qtftr/uf6FCDVIFXVw6VumI2conyUacLGqcShko/Eg3\n\tPd1Ns969y5vQshxjdCdWsAodo7iRhTvSJLBvBBBzuuNCb9sS783+WApCKDNW0OVPtStd\n\t8wOg==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:date:from:to:cc:subject:message-id:references\n\t:mime-version:content-disposition:content-transfer-encoding\n\t:in-reply-to;\n\tbh=WQ8F51v3fuElUrx/nokS6EzFKYoIUQnA5COEEDhIQCQ=;\n\tb=gbAFiWRBJHb8OVsyuIuQ9cD7539zVdKI1YAbYwOBZxjrkKrWFZrL4qQK7RwmnTXI3q\n\tQMoZ6OvynSzMgdh/s7GRpO4DiQi4TxyLU+o7d8rVrs8ttwHa28BqnYLtwb3Z4j82ypsu\n\tAnYO+p5hEszzRxbgvio5JYx891Gydsr7w+zd0DyqIDou7enHzhEvZvDJO1ajw3rQXrQ4\n\tM4Y6er8ChyXNCiCtzg/dWA/cF0/EihSBK5fyWAVtvEoi0XrTQQjq3r4uyDohA7pkTT3X\n\twhxgOfkgY8NBJv4qRCx0x1Bz4yAMcYC3VineWjvvfehzguD9lj8Rf80Ke0QyXDwxfPKB\n\tc1lg==","X-Gm-Message-State":"APjAAAWpIElzNdvl3uz0H9rlsEKwY36wmOf2aTYJIM1ONpTdJ1+6v4tt\n\t3KTBctCuIR8XDQCnl9XTygV3SRaJUdU=","X-Google-Smtp-Source":"APXvYqz/m1dIg7FGt0hnAd0dEl8MbSYAAmUz6JaSMt6odmawFDsmINO0jgeLxgqB/uCsBAm6lSuYpg==","X-Received":"by 2002:ac2:44a3:: with SMTP id c3mr58830302lfm.1.1578399066042; \n\tTue, 07 Jan 2020 04:11:06 -0800 (PST)","Date":"Tue, 7 Jan 2020 13:11:03 +0100","From":"Niklas =?iso-8859-1?q?S=F6derlund?= <niklas.soderlund@ragnatech.se>","To":"Laurent Pinchart <laurent.pinchart@ideasonboard.com>","Cc":"libcamera-devel@lists.libcamera.org","Message-ID":"<20200107121103.GA521610@oden.dyn.berto.se>","References":"<20200104054127.14108-1-laurent.pinchart@ideasonboard.com>","MIME-Version":"1.0","Content-Type":"text/plain; charset=iso-8859-1","Content-Disposition":"inline","Content-Transfer-Encoding":"8bit","In-Reply-To":"<20200104054127.14108-1-laurent.pinchart@ideasonboard.com>","Subject":"Re: [libcamera-devel] [PATCH] libcamera: ipc_unixsocket: Don't send\n\tuninitialized bytes over the socket","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"<libcamera-devel.lists.libcamera.org>","List-Unsubscribe":"<https://lists.libcamera.org/options/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>","List-Archive":"<https://lists.libcamera.org/pipermail/libcamera-devel/>","List-Post":"<mailto:libcamera-devel@lists.libcamera.org>","List-Help":"<mailto:libcamera-devel-request@lists.libcamera.org?subject=help>","List-Subscribe":"<https://lists.libcamera.org/listinfo/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>","X-List-Received-Date":"Tue, 07 Jan 2020 12:11:07 -0000"}}]