From e6a623460e5fc960ac3ee9f946d3106233fd28d8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Salva=20Peir=C3=B3?= <speiro@ai2.upv.es>
Date: Wed, 30 Apr 2014 19:48:02 +0200
Subject: [PATCH] [media] media-device: fix infoleak in ioctl media_enum_entities()
Mime-version: 1.0
Content-type: text/plain; charset=UTF-8
Content-transfer-encoding: 8bit
Git-commit: e6a623460e5fc960ac3ee9f946d3106233fd28d8
Patch-mainline: 3.15-rc6
References: bnc#882804,CVE-2014-1739

This fixes CVE-2014-1739.

Signed-off-by: Salva Peiró <speiro@ai2.upv.es>
Acked-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Cc: stable@vger.kernel.org
Signed-off-by: Mauro Carvalho Chehab <m.chehab@samsung.com>
Acked-by: Takashi Iwai <tiwai@suse.de>

---
 drivers/media/media-device.c |    1 +
 1 file changed, 1 insertion(+)

--- a/drivers/media/media-device.c
+++ b/drivers/media/media-device.c
@@ -89,6 +89,7 @@ static long media_device_enum_entities(s
 	struct media_entity *ent;
 	struct media_entity_desc u_ent;
 
+	memset(&u_ent, 0, sizeof(u_ent));
 	if (copy_from_user(&u_ent.id, &uent->id, sizeof(u_ent.id)))
 		return -EFAULT;
 
