UPSTREAM: ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt The stack object “r1” has a total size of 32 bytes. Its field “event” and “val” both contain 4 bytes padding. These 8 bytes padding bytes are sent to user without being initialized. Signed-off-by: Kangjie Lu <kjlu@gatech.edu> Signed-off-by: Takashi Iwai <tiwai@suse.de> Bug: None Patchset: alsa-info-leak-fixes (cherry-picked from e4ec8cc8039a7063e24204299b462bd1383184a5) Signed-off-by: Mattias Nissler <mnissler@google.com> Change-Id: I773118fa3920f852c56c4687d5606bbe3f138ca6

commit: 5466883730e1a4ad318651f4f650eef93e75679d [log] [tgz]
author: Kangjie Lu <kangjielu@gmail.com> Tue May 03 16:44:32 2016 -0400
committer: Mattias Nissler <mnissler@google.com> Wed Jul 20 16:18:43 2016 +0200
tree: 2fdda8c878c44044d55719269f643fdb74dce12d
parent: 4ffd2647e7b3d77befe6d0c52f5c6c6fec8b7702 [diff]
diff --git a/sound/core/timer.c b/sound/core/timer.c
index 541053d..a3f547b 100644
--- a/sound/core/timer.c
+++ b/sound/core/timer.c

@@ -1282,6 +1282,7 @@
 	}
 	if ((tu->filter & (1 << SNDRV_TIMER_EVENT_RESOLUTION)) &&
 	    tu->last_resolution != resolution) {
+		memset(&r1, 0, sizeof(r1));
 		r1.event = SNDRV_TIMER_EVENT_RESOLUTION;
 		r1.tstamp = tstamp;
 		r1.val = resolution;
commit	5466883730e1a4ad318651f4f650eef93e75679d	[log] [tgz]
author	Kangjie Lu <kangjielu@gmail.com>	Tue May 03 16:44:32 2016 -0400
committer	Mattias Nissler <mnissler@google.com>	Wed Jul 20 16:18:43 2016 +0200
tree	2fdda8c878c44044d55719269f643fdb74dce12d
parent	4ffd2647e7b3d77befe6d0c52f5c6c6fec8b7702 [diff]