jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-31 05:27:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

OPENAFS-SA-2018-002 kaserver: prevent KAM_ListEntry information leak

Browse Source 
KAM_ListEntry (kas list) does not initialize its output correctly.  It
leaks kaserver memory contents over the wire:

struct kaindex
- up to 64 bytes for member name
- up to 64 bytes for member instance

Initialize the buffer.

[kaduk@mit.edu: move initialization to top of server routine]

(cherry picked from commit b604ee7add7be416bf20973422a041e913d20761)

(cherry picked from commit c912830e9c82d91bccf85018ef1e6a75edc410c4)

Change-Id: I51229a121cbc4e428169635e8fc46321fb52b813
This commit is contained in:
Mark Vitale 2018-06-26 05:26:21 -04:00 committed by Benjamin Kaduk
parent a41b75a13b
commit 04fb009f15
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/kauth/kaprocs.c
View File

@ -1695,6 +1695,7 @@ kamListEntry(struct rx_call *call,
afs_int32 caller;
struct kaentry tentry;
memset(name, 0, sizeof(*name));
COUNT_REQ(ListEntry);
if ((code = InitAuthServ(&tt, LOCKREAD, this_op)))
return code;