From 48dff11f07b5a70fab268847d6be26bf8a9bf535 Mon Sep 17 00:00:00 2001
From: Peter Korsgaard
Date: Tue, 29 Apr 2008 12:20:46 +0200
Subject: [PATCH] ping: fix ping request information leak
The ping applet doesn't clear the padding bytes on the ping request packets in the FEATURE_FANCY_PING case, causing an information leak of stack contents.
./scripts/bloat-o-meter busybox_unstripped{,_new}
function old new delta
sendping4 447 455 +8
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 1/0 up/down: 8/0) Total: 8 bytes
Signed-off-by: Peter Korsgaard
---
 networking/ping.c | 2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/networking/ping.c b/networking/ping.c
index 2991486..9c9403b 100644
--- a/networking/ping.c
+++ b/networking/ping.c
@@ -372,6 +372,7 @@ static void sendping4(int junk ATTRIBUTE_UNUSED)
 * *after* packet. Saves one if() */
 struct icmp *pkt = alloca(datalen + ICMP_MINLEN + 4);
+ memset(pkt, 0, datalen + ICMP_MINLEN + 4);
 pkt->icmp_type = ICMP_ECHO;
 pkt->icmp_code = 0;
 pkt->icmp_cksum = 0;
@@ -391,6 +392,7 @@ static void sendping6(int junk ATTRIBUTE_UNUSED)
 {
 struct icmp6_hdr *pkt = alloca(datalen + sizeof(struct icmp6_hdr) + 4);
+ memset(pkt, 0, datalen + sizeof(struct icmp6_hdr) + 4);
 pkt->icmp6_type = ICMP6_ECHO_REQUEST;
 pkt->icmp6_code = 0;
 pkt->icmp6_cksum = 0;
--
1.5.4.4
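Review bot: The buffer size `datalen + ICMP_MINLEN + 4` is now written twice in sendping4, once in the `alloca` and once in the new `memset`, and the same holds for `datalen + sizeof(struct icmp6_hdr) + 4` in the sendping6 hunk. If one copy is later edited without the other, the clear either stops short of the buffer, so uninitialised stack bytes can reach the wire again, or writes past it. Computing it once, e.g. `int pkt_len = datalen + ICMP_MINLEN + 4;` (type to match `datalen`, which is declared outside the hunk), and passing `pkt_len` to both calls removes that risk. A comment on the memset such as `/* payload is sent as-is: never transmit uninitialised stack */` would also stop it being removed as redundant, since the header fields are assigned right below it. Both function bodies continue outside the hunks, so the length actually passed to the send call is not visible here.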