HomeFreeBSD

ctl: avoid heap info leak in ctl_request_sense

Description

ctl: avoid heap info leak in ctl_request_sense

Previously 3 bytes of data from the heap could be leaked to ctl
consumers.

Reported by: Synacktiv
Reviewed by: asomers, mav
Sponsored by: The Alpha-Omega Project
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46091

(cherry picked from commit db87c98168b1605f067d283fa36a710369c3849d)
(cherry picked from commit 131b7dcb2fbf8f15815387f60536d9cc16585b0d)

Approved by: so

Details

Provenance
emasteAuthored on Aug 20 2024, 6:12 PM
Reviewer
asomers
Differential Revision
Restricted Differential Revision
Parents
rG1c872882803a: ctl: fix Out-Of-Bounds access in ctl_report_supported_opcodes
Branches
Unknown
Tags
Unknown