staging: wilc1000: fix infoleak in wilc_wfi_cfgoperations

"mac" is an array allocated in stack without being initialized,
and will be sent out via "nla_put". The dump_station() is supposed
to initialize the mac address; otherwise, sensitive data in kernel
stack will be leaked. To fix this, copy the mac address to it.

Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
index 85031f75d7ee6ea778c853bbbb95601f33a3afe5..4b041356f823260b94bd2ba445e7e32395a3de3c 100644 (file)
--- a/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
+++ b/drivers/staging/wilc1000/wilc_wfi_cfgoperations.c
@@ -1804,6 +1804,7 @@ static int dump_station(struct wiphy *wiphy, struct net_device *dev,
 
        wilc_get_rssi(vif, &sinfo->signal);
 
+       memcpy(mac, priv->au8AssociatedBss, ETH_ALEN);
        return 0;
 }