jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-31 05:27:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

OPENAFS-SA-2018-002 volser: prevent AFSVolMonitor information leak

Browse Source 
AFSVolMonitor (vos status) does not properly initialize its output
buffers.  This leaks information from volserver memory:

struct transDebugInfo
- up to 29 bytes in member lastProcName (30-'\0')
- 16 bytes in members readNext, tranmitNext, lastSendTime,
  lastReceiveTime

Initialize the buffers.  This must be done on a per-buffer basis inside
the loop, since realloc is used to expand the storage if needed,
and there is not a standard realloc API to zero the newly allocated storage.

[kaduk@mit.edu: update commit message]

(cherry picked from commit 26924fd508b21bb6145e77dc31b6cd0923193b72)

(cherry picked from commit 2d22756de7af2c72b8aca6969825f8e921f01d6c)

Change-Id: Id819ffc2774cf5cb374ca19b7040282ba542654b
This commit is contained in:
Mark Vitale 2018-06-26 03:00:02 -04:00 committed by Benjamin Kaduk
parent f1c9c0160e
commit 37cbe68577
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/volser/volprocs.c
View File

@ -2853,6 +2853,7 @@ VolMonitor(struct rx_call *acid, transDebugEntries *transInfo)
goto done; /*no active transactions */ goto done; /*no active transactions */
for (tt = allTrans; tt; tt = nt) { /*copy relevant info into pntr */ for (tt = allTrans; tt; tt = nt) { /*copy relevant info into pntr */
nt = tt->next; nt = tt->next;
memset(pntr, 0, sizeof(*pntr));
VTRANS_OBJ_LOCK(tt); VTRANS_OBJ_LOCK(tt);
pntr->tid = tt->tid; pntr->tid = tt->tid;
pntr->time = tt->time; pntr->time = tt->time;