> -----Original Message-----
> From: Colin King [mailto:[email protected]]
> Sent: Monday, May 15, 2017 8:56 AM
> To: Raghava Aditya Renukunta <[email protected]>;
> dl-esc-Aacraid Linux Driver <[email protected]>; James E . J . Bottomley
> <[email protected]>; Martin K . Petersen
> <[email protected]>; [email protected]
> Cc: [email protected]; [email protected]
> Subject: [PATCH] scsi: aacraid: fix leak of data from stack back to userspace
>
> From: Colin Ian King <[email protected]>
>
> The fields sense_data_size and sense_data are unitialized garbage from the
> stack and are being copied back to userspace. Fix this leak of stack information
> by ensuring they are zero'd.
>
> Detected by CoverityScan, CID#1435473 ("Uninitialized scalar variable")
>
> Fixes: 423400e64d377 ("scsi: aacraid: Include HBA direct interface")
> Signed-off-by: Colin Ian King <[email protected]>
> ---
> drivers/scsi/aacraid/commctrl.c | 2 ++
> 1 file changed, 2 insertions(+)
>
Acked-by: Dave Carroll <[email protected]>