OpenAFS Master Repository branch, openafs-stable-1_6_x, updated. openafs-stable-1_6_22_2-73-g0cdb370

Gerrit Code Review gerrit@openafs.org
Tue, 11 Sep 2018 15:00:57 -0400


The following commit has been merged in the openafs-stable-1_6_x branch:
commit 3e0294543d4f4ab58694e1aca393b961f05d7c8f
Author: Mark Vitale <mvitale@sinenomine.net>
Date:   Tue Jun 26 05:00:25 2018 -0400

    OPENAFS-SA-2018-002 butc: prevent TC_ReadLabel information leak
    
    TC_ReadLabel (backup readlabel) does not initialize its output buffer
    completely.  It leaks butc memory contents over the wire:
    
    struct tc_tapeLabel
    - up to 32 bytes from member afsname (TC_MAXTAPELEN 32)
    - up to 32 bytes from member pname (TC_MAXTAPELEN 32)
    
    Initialize the buffer.
    
    [kaduk@mit.edu: move initialization to the RPC stub]
    
    (cherry picked from commit 52f4d63148323e7d605f9194ff8c1549756e654b)
    
    (cherry picked from commit b7e53b9e9706d63215a1804ed9eca30d69461f03)
    
    Change-Id: I606fcf5afdb176cb4a2ca7bff0a56761b7ae2d48

 src/butc/tcprocs.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

-- 
OpenAFS Master Repository