From bd86cbcfd95f30bc10dc703a96ed54f516bb4b99 Mon Sep 17 00:00:00 2001
From: Mark Vitale <mvitale@sinenomine.net>
Date: Tue, 26 Jun 2018 05:00:25 -0400
Subject: [PATCH] OPENAFS-SA-2018-002 butc: prevent TC_ReadLabel information
 leak

TC_ReadLabel (backup readlabel) does not initialize its output buffer
completely.  It leaks butc memory contents over the wire:

struct tc_tapeLabel
- up to 32 bytes from member afsname (TC_MAXTAPELEN 32)
- up to 32 bytes from member pname (TC_MAXTAPELEN 32)

Initialize the buffer.

[kaduk@mit.edu: move initialization to the RPC stub]

(cherry picked from commit 52f4d63148323e7d605f9194ff8c1549756e654b)

(cherry picked from commit b7e53b9e9706d63215a1804ed9eca30d69461f03)

(cherry picked from commit 3e0294543d4f4ab58694e1aca393b961f05d7c8f)

Change-Id: I4e8ab1b94d36e9904a9505cd7f0e97cc6fb3a40f
---
 src/butc/tcprocs.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/butc/tcprocs.c b/src/butc/tcprocs.c
index 9efcbe89a5..17e601136c 100644
--- a/src/butc/tcprocs.c
+++ b/src/butc/tcprocs.c
@@ -388,6 +388,7 @@ STC_ReadLabel(struct rx_call *acid, struct tc_tapeLabel *label, afs_uint32 *task
 {
     afs_int32 code;
 
+    memset(label, 0, sizeof(*label));
 #ifdef xbsa
     if (CONF_XBSA)
 	return (TC_BADTASK);	/* ReadLabel does not apply if XBSA */