jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-18 15:00:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

OPENAFS-SA-2018-002 afs: prevent RXAFSCB_GetLock information leak

Browse Source 
RXAFSCB_GetLock (cmdebug) does not correctly initialize its output.
This leaks kernel memory over the wire:

struct AFSDBLock
- up to 14 bytes for member name (16 - '<cellname>\0')

Initialize the buffer.

(cherry picked from commit b52eb11a08)

Change-Id: If84c5d9d805356cd56be77313149a931a948b4d5
This commit is contained in:
Mark Vitale 2018-06-26 03:47:41 -04:00 committed by Benjamin Kaduk
parent e19ad4cdde
commit 3dea4adaa3
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/afs/afs_callback.c
View File

@ -306,6 +306,7 @@ SRXAFSCB_GetLock(struct rx_call *a_call, afs_int32 a_index,
XSTATS_START_CMTIME(AFS_STATS_CM_RPCIDX_GETLOCK);
AFS_STATCNT(SRXAFSCB_GetLock);
memset(a_result, 0, sizeof(*a_result));
nentries = sizeof(ltable) / sizeof(struct ltable);
if (a_index < 0 || a_index >= nentries+afs_cellindex) {
/*