HomeFreeBSD

ctl: avoid heap info leak in ctl_request_sense

Description

ctl: avoid heap info leak in ctl_request_sense

Previously 3 bytes of data from the heap could be leaked to ctl
consumers.

Reported by: Synacktiv
Reviewed by: asomers, mav
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46091

(cherry picked from commit db87c98168b1605f067d283fa36a710369c3849d)
(cherry picked from commit 131b7dcb2fbf8f15815387f60536d9cc16585b0d)
(cherry picked from commit 51768dc31df6379aa4a1447a15f054508d16b4b1)

Approved by: re (cperciva)

Details

Provenance
emasteAuthored on Aug 20 2024, 6:12 PM
Reviewer
asomers
Differential Revision
Restricted Differential Revision
Parents
rGe3819923655c: amdsmn(4), amdtemp(4): add support for AMD Ryzen 7 "Phoenix" processors
Branches
Unknown
Tags
Unknown

Event Timeline