From a26c5054ee501ec65db3104f6a6a0fef634d9ea7 Mon Sep 17 00:00:00 2001
From: Benjamin Kaduk <kaduk@mit.edu>
Date: Sun, 6 Nov 2016 23:29:22 -0600
Subject: [PATCH] afs: do not leak stale data in buffers

Similar to the previous commit, zero out the buffer when fetching
a new slot, to avoid the possibility of leaving stale data in
a reused buffer.

We are not supposed to write such stale data back to a fileserver,
but this is an extra precaution in case of bugs elsewhere -- memset
is not as expensive as it was in the 1980s.

Change-Id: I344e772e9ec3d909e8b578933dd9c6c66f0a8cf6
Reviewed-on: https://gerrit.openafs.org/12459
Reviewed-by: Mark Vitale <mvitale@sinenomine.net>
Tested-by: Mark Vitale <mvitale@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
---
 src/afs/afs_buffer.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/afs/afs_buffer.c b/src/afs/afs_buffer.c
index 4399473585..2220ae301c 100644
--- a/src/afs/afs_buffer.c
+++ b/src/afs/afs_buffer.c
@@ -379,6 +379,8 @@ afs_newslot(struct dcache *adc, afs_int32 apage, struct buffer *lp)
 	AFS_STATS(afs_stats_cmperf.bufFlushDirty++);
     }
 
+    /* Zero out the data so we don't leak something we shouldn't. */
+    memset(lp->data, 0, AFS_BUFFER_PAGESIZE);
     /* Now fill in the header. */
     lp->fid = adc->index;
     afs_copy_inode(&lp->inode, &adc->f.inode);