summaryrefslogtreecommitdiffstats
path: root/arch/arm/nwfpe/softfloat-specialize
diff options
context:
space:
mode:
authorLennert Buytenhek <buytenh@wantstofly.org>2005-11-07 22:12:07 +0100
committerRussell King <rmk+kernel@arm.linux.org.uk>2005-11-07 22:12:07 +0100
commit06c03cac9487555478c7d80065ebf7818bf6fd06 (patch)
tree1a03ff9ae347f40c11d0e3eee790a1b88ff29cc1 /arch/arm/nwfpe/softfloat-specialize
parent[ARM SMP] Add Realview MPcore SMP support (diff)
downloadlinux-06c03cac9487555478c7d80065ebf7818bf6fd06.tar.xz
linux-06c03cac9487555478c7d80065ebf7818bf6fd06.zip
[ARM] 3117/1: nwfpe kernel memory info leak
Patch from Lennert Buytenhek The routine that nwfpe uses for converting floats/doubles to extended precision fails to zero two bytes of kernel stack. This is not immediately obvious, as the floatx80 structure has 16 bits of implicit padding (by design.) These two bytes are copied to userspace when an stfe is emulated, causing a possible info leak. Make the padding explicit and zero it out in the relevant places. Signed-off-by: Lennert Buytenhek <buytenh@wantstofly.org> Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
Diffstat (limited to 'arch/arm/nwfpe/softfloat-specialize')
-rw-r--r--arch/arm/nwfpe/softfloat-specialize1
1 files changed, 1 insertions, 0 deletions
diff --git a/arch/arm/nwfpe/softfloat-specialize b/arch/arm/nwfpe/softfloat-specialize
index acf409144763..d4a4c8e06635 100644
--- a/arch/arm/nwfpe/softfloat-specialize
+++ b/arch/arm/nwfpe/softfloat-specialize
@@ -332,6 +332,7 @@ static floatx80 commonNaNToFloatx80( commonNaNT a )
z.low = LIT64( 0xC000000000000000 ) | ( a.high>>1 );
z.high = ( ( (bits16) a.sign )<<15 ) | 0x7FFF;
+ z.__padding = 0;
return z;
}