jimzah/openafs
1
0
Fork 0
mirror of https://git.openafs.org/openafs.git synced 2025-01-18 15:00:12 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

OPENAFS-SA-2018-002 butc: prevent TC_ReadLabel information leak

Browse Source 
TC_ReadLabel (backup readlabel) does not initialize its output buffer
completely.  It leaks butc memory contents over the wire:

struct tc_tapeLabel
- up to 32 bytes from member afsname (TC_MAXTAPELEN 32)
- up to 32 bytes from member pname (TC_MAXTAPELEN 32)

Initialize the buffer.

[kaduk@mit.edu: move initialization to the RPC stub]

(cherry picked from commit 52f4d63148)

(cherry picked from commit b7e53b9e97)

(cherry picked from commit 3e0294543d)

Change-Id: I4e8ab1b94d36e9904a9505cd7f0e97cc6fb3a40f
This commit is contained in:
Mark Vitale 2018-06-26 05:00:25 -04:00 committed by Benjamin Kaduk
parent 5c6589b395
commit bd86cbcfd9
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/butc/tcprocs.c
View File

@ -388,6 +388,7 @@ STC_ReadLabel(struct rx_call *acid, struct tc_tapeLabel *label, afs_uint32 *task
{
afs_int32 code;
memset(label, 0, sizeof(*label));
#ifdef xbsa
if (CONF_XBSA)
return (TC_BADTASK); /* ReadLabel does not apply if XBSA */