From b3c3f2a9986151eb756add76612114be08e571e4 Mon Sep 17 00:00:00 2001
From: Ilja van Sprundel <ivansprundel@ioactive.com>
Date: Sun, 6 Oct 2019 21:02:10 +0200
Subject: [PATCH] fix uninitialized struct data leak

This change clears the tm structure on the stack before filling it in. This guarantees that the whole structure is initialized, and as such, no uninitialized stack data is copied to the caller.
---
 minix/drivers/clock/readclock/readclock.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/minix/drivers/clock/readclock/readclock.c b/minix/drivers/clock/readclock/readclock.c
index b3c0990ef..fbabddec2 100644
--- a/minix/drivers/clock/readclock/readclock.c
+++ b/minix/drivers/clock/readclock/readclock.c
@@ -7,6 +7,7 @@
 #include <time.h>
 #include <errno.h>
 #include <lib.h>
+#include <string.h>
 #include <minix/type.h>
 #include <minix/const.h>
 #include <minix/callnr.h>
@@ -70,6 +71,7 @@ main(int argc, char **argv)
 		switch (m.m_type) {
 		case RTCDEV_GET_TIME:
 			/* Any user can read the time */
+			memset(&t, 0x00, sizeof(t));
 			reply_status = rtc.get_time(&t, m.m_lc_readclock_rtcdev.flags);
 			if (reply_status != OK) {
 				break;