tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Zero it if you're going to copy it out.



>>>>> "Thor" == Thor Lancelot Simon <tls%panix.com@localhost> writes:

    Thor> On Mon, Jun 25, 2012 at 02:16:33PM +0100, Roger Pau Monne wrote:
    >> 
    >> Yes, it doesn't hurt to zero memory if returning it to the
    >> user. Who knows what might be there previously.

    Thor> I'm sorry, I can't let this go.

Cheers Thor, it's easy to lose sight of how easily kernel holes can be
introduced.

    Thor> This is not a case of "it doesn't hurt" -- it's a case of
    Thor> "it's absolutely necessary".  It is completely unacceptable to
    Thor> leak the contents of kernel memory to the user!

I think Roger's point is that only the bits that are overwritten from
userland are written back to userland - but to be fair to him, he didn't
introduce this - the original code made the same omission. However I
agree, the memory needs to be zeroed as a matter of best practice in
this case and *ALWAYS* in the general case.

Cheers,
-- 
Cherry


Home | Main Index | Thread Index | Old Index