diff mbox series

[3/3] alfred: properly initialize stack buffer before sending over unix socket

Message ID 20220112210506.3488775-3-mareklindner@neomailbox.ch
State New
Delegated to: Simon Wunderlich
Headers show
Series [1/3] alfred: move interface check into helper function | expand

Commit Message

Marek Lindner Jan. 12, 2022, 9:05 p.m. UTC
Without explicitely initializing the buffer with null bytes, the stack
variables may contain process information which may be leaked when
transmitted via unix socket.
Also, the size of the variables sitting on the stack can be reduced.

Signed-off-by: Marek Lindner <mareklindner@neomailbox.ch>
---
 client.c | 4 ++++
 1 file changed, 4 insertions(+)
diff mbox series

Patch

diff --git a/client.c b/client.c
index b5d8943..cf15ff4 100644
--- a/client.c
+++ b/client.c
@@ -35,6 +35,7 @@  int alfred_client_request_data(struct globals *globals)
 		return -1;
 
 	len = sizeof(request);
+	memset(&request, 0, len);
 
 	request.header.type = ALFRED_REQUEST;
 	request.header.version = ALFRED_VERSION;
@@ -184,6 +185,7 @@  int alfred_client_modeswitch(struct globals *globals)
 		return -1;
 
 	len = sizeof(modeswitch);
+	memset(&modeswitch, 0, len);
 
 	modeswitch.header.type = ALFRED_MODESWITCH;
 	modeswitch.header.version = ALFRED_VERSION;
@@ -260,6 +262,7 @@  int alfred_client_change_interface(struct globals *globals)
 	}
 
 	len = sizeof(change_interface);
+	memset(&change_interface, 0, len);
 
 	change_interface.header.type = ALFRED_CHANGE_INTERFACE;
 	change_interface.header.version = ALFRED_VERSION;
@@ -308,6 +311,7 @@  int alfred_client_change_bat_iface(struct globals *globals)
 	}
 
 	len = sizeof(change_bat_iface);
+	memset(&change_bat_iface, 0, len);
 
 	change_bat_iface.header.type = ALFRED_CHANGE_BAT_IFACE;
 	change_bat_iface.header.version = ALFRED_VERSION;