jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-31 05:27:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

OPENAFS-SA-2018-002 afs: prevent RXAFSCB_GetLock information leak

Browse Source 
RXAFSCB_GetLock (cmdebug) does not correctly initialize its output.
This leaks kernel memory over the wire:

struct AFSDBLock
- up to 14 bytes for member name (16 - '<cellname>\0')

Initialize the buffer.

Change-Id: I4c5c8d67816c51645c0db44dc8f19b1b27c02757
This commit is contained in:
Mark Vitale 2018-06-26 03:47:41 -04:00 committed by Benjamin Kaduk
parent 9d1aeb5d76
commit b52eb11a08
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/afs/afs_callback.c
View File

@ -306,6 +306,7 @@ SRXAFSCB_GetLock(struct rx_call *a_call, afs_int32 a_index,
XSTATS_START_CMTIME(AFS_STATS_CM_RPCIDX_GETLOCK); XSTATS_START_CMTIME(AFS_STATS_CM_RPCIDX_GETLOCK);
AFS_STATCNT(SRXAFSCB_GetLock); AFS_STATCNT(SRXAFSCB_GetLock);
memset(a_result, 0, sizeof(*a_result));
nentries = sizeof(ltable) / sizeof(struct ltable); nentries = sizeof(ltable) / sizeof(struct ltable);
if (a_index < 0 || a_index >= nentries+afs_cellindex) { if (a_index < 0 || a_index >= nentries+afs_cellindex) {
/* /*