OpenAFS Master Repository branch, openafs-stable-1_6_x, updated. openafs-stable-1_6_16-16-g5ce1027
Gerrit Code Review
gerrit@openafs.org
Wed, 16 Mar 2016 11:05:58 -0400

The following commit has been merged in the openafs-stable-1_6_x branch:

commit 90cb77f975244c77ef929be723e5b871247cbe9d
Author: Benjamin Kaduk <kaduk@mit.edu>
Date: Sun Mar 13 12:56:24 2016 -0500

OPENAFS-SA-2016-002 AFSStoreStatus information leak

Marc Dionne reported that portions of the AFSStoreStatus structure
were not written to before being sent over the network for
operations such as create, symlink, etc., leaking the contents
of the kernel stack to observers. Which fields in the request
are used are controlled by a flags field, and so if a field was
not going to be used by the server, it was sometimes left
uninitialized.

Fix the information leak by zeroing out the structure before use.

FIXES 132847

Change-Id: Iebcac04d1ff70df06d054ddb3b886ab422fb2a14

src/WINNT/afsd/cm_dcache.c | 1 +
src/afs/VNOPS/afs_vnop_attrs.c | 3 +++
src/afs/VNOPS/afs_vnop_create.c | 1 +
src/afs/VNOPS/afs_vnop_dirops.c | 1 +
src/afs/VNOPS/afs_vnop_symlink.c | 1 +
src/afs/afs_disconnected.c | 1 +
src/afs/afs_segments.c | 1 +
src/libafscp/afscp_file.c | 1 +
src/venus/afsio.c | 1 +
9 files changed, 11 insertions(+), 0 deletions(-)
--
OpenAFS Master Repository
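
The leak described in the commit message above, as an added C example that is not part of the commit or of OpenAFS: a flags-controlled request is built in memory that still holds earlier data, and every field is sent whether or not the flags select it. The struct, its field names, the flag values and the 0xAA residue marker are assumptions made for illustration, not the OpenAFS definitions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-in for a flags-controlled request (hypothetical names,
 * not the OpenAFS definition of AFSStoreStatus). */
#define SET_MODTIME 0x1u
#define SET_MODE    0x8u
#define STALE       0xAA    /* constructed marker for leftover stack bytes */

struct store_status {
    uint32_t mask;          /* which fields below the server should use */
    uint32_t modtime;
    uint32_t owner;
    uint32_t group;
    uint32_t mode;
};

/* Build a request in `slot`, which stands for a stack slot that still holds
 * earlier data. Only the fields named by the mask are assigned. */
static void build_request(struct store_status *slot, int zero_first)
{
    if (zero_first)
        memset(slot, 0, sizeof(*slot));     /* the fix: zero before use */
    slot->mask = SET_MODTIME | SET_MODE;
    slot->modtime = 1457888184u;            /* constructed sample value */
    slot->mode = 0644;
}

/* Send every field regardless of the mask, then count how many bytes on
 * the wire still carry the stale marker. */
static size_t leaked_bytes(int zero_first)
{
    struct store_status slot;
    unsigned char wire[sizeof(slot)];
    size_t i, n = 0;
    memset(&slot, STALE, sizeof(slot));     /* deterministic "old" contents */
    build_request(&slot, zero_first);
    memcpy(wire, &slot, sizeof(slot));
    for (i = 0; i < sizeof(wire); i++)
        n += (wire[i] == STALE);
    return n;
}

int main(void)
{
    printf("stale bytes sent: %zu unzeroed, %zu zeroed\n", leaked_bytes(0), leaked_bytes(1));
    return 0;
}
```

The two fields the mask does not select (owner and group here) are the ones that carry residue, which is why the server ignoring them does not prevent an observer on the network from seeing them.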