From: Jason Gunthorpe <jgg@mellanox.com>
Date: Thu, 5 Apr 2018 02:58:13 +0000 (-0600)
Subject: RDMA/qedr: Zero stack memory before copying to user space
X-Git-Tag: v4.17-rc1~94^2~11
X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=commitdiff_plain;h=57939021e8f882d13a5263a9d682c64ae00c578d;p=linux.git

RDMA/qedr: Zero stack memory before copying to user space

The fact this struct was not init'd like all the others was missed when
the padding reserved field was added.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Fixes: 71e80a4781af ("RDMA/qedr: Fix uABI structure layouts for 32/64 compat")
Acked-by: Michal Kalderon <Michal.Kalderon@cavium.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>
---

diff --git a/drivers/infiniband/hw/qedr/verbs.c b/drivers/infiniband/hw/qedr/verbs.c
index a9f494fb892a..1835dc9eb3e3 100644
--- a/drivers/infiniband/hw/qedr/verbs.c
+++ b/drivers/infiniband/hw/qedr/verbs.c
@@ -473,9 +473,9 @@ struct ib_pd *qedr_alloc_pd(struct ib_device *ibdev,
 	pd->pd_id = pd_id;
 
 	if (udata && context) {
-		struct qedr_alloc_pd_uresp uresp;
-
-		uresp.pd_id = pd_id;
+		struct qedr_alloc_pd_uresp uresp = {
+			.pd_id = pd_id,
+		};
 
 		rc = qedr_ib_copy_to_udata(udata, &uresp, sizeof(uresp));
 		if (rc) {