[PATCH] ping: fix ping request information leak
Denys Vlasenko
vda.linux at googlemail.com
Tue Apr 29 12:30:29 UTC 2008
On Tuesday 29 April 2008 12:36, Peter Korsgaard wrote:
> From: Peter Korsgaard <jacmet at sunsite.dk>
>
> The ping applet doesn't clear the padding bytes on the ping request packets
> in the FEATURE_FANCY_PING case, causing an information leak of stack contents.
>
> ./scripts/bloat-o-meter busybox_unstripped{,_new}
> function old new delta
> sendping4 447 455 +8
> ------------------------------------------------------------------------------
> (add/remove: 0/0 grow/shrink: 1/0 up/down: 8/0) Total: 8 bytes
Hmm, and where's sendping6? Ah, you probably don't have IPv6 on...
>
> + memset(pkt, 0, datalen + ICMP_MINLEN + 4);
> pkt->icmp_type = ICMP_ECHO;
> pkt->icmp_code = 0;
> pkt->icmp_cksum = 0;
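Review bot: the memset length `datalen + ICMP_MINLEN + 4` carries a bare `+ 4` that nothing in the visible lines explains or ties to the size of the buffer behind `pkt` or to the length that is actually transmitted. If the cleared length is shorter than what goes on the wire, the tail of the packet still carries stack bytes; if it is longer than the buffer, the memset overruns it. Computing the packet size once in a named variable and using that same variable for both the clear and the send would make the match checkable at a glance. With the whole packet zeroed first, the `pkt->icmp_code = 0;` and `pkt->icmp_cksum = 0;` lines that follow are redundant and can be dropped.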
and these assignments of zeros may die now.
Applied, thanks.
--
vda