OpenAFS Master Repository branch, master, updated. BP-openafs-stable-1_8_x-220-gd5816fd

Gerrit Code Review gerrit@openafs.org
Tue, 11 Sep 2018 15:01:00 -0400


The following commit has been merged in the master branch:
commit 76e62c1de868c2b2e3cc56a35474e15dc4cc1551
Author: Mark Vitale <mvitale@sinenomine.net>
Date:   Tue Jun 26 02:33:05 2018 -0400

    OPENAFS-SA-2018-002 volser: prevent AFSVolPartitionInfo(64) information leak
    
    AFSVolPartitionInfo and AFSVolPartitionInfo64 (vos partinfo) do not
    properly initialize their reply buffers.  This leaks the contents of
    volserver memory over the wire:
    
    AFSVolPartitionInfo (struct diskPartition)
    - up to 24 bytes in member name (32-'/vicepa\0')
    - up to 12 bytes in member devName (32-'/vicepa/Lock/vicepa\0')
    
    AFSVolPartitionInfo64 (struct diskPartition64)
    - up to 248 bytes in member name (256-'/vicepa\0')
    - up to 236 bytes in member devName (256-'/vicepa/Lock/vicepa\0')
    
    Initialize the output buffers.
    
    [kaduk@mit.edu: move memset to top-level function scope of RPC handlers]
    
    Change-Id: If64c02f36f10f52bfbab4b21ad1f60032c223c82

 src/volser/volprocs.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

-- 
OpenAFS Master Repository
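
The leak arithmetic from the commit message above, as an added example that is not OpenAFS code. It models only the two 32-byte string members the message names; `struct part_reply`, the `STALE` marker byte and the function names are hypothetical, and recycled volserver memory is simulated by pre-filling the reply with the marker.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical reply layout: only the two 32-byte members from the
 * commit message are modelled; the real struct has further fields. */
struct part_reply {
    char name[32];
    char devName[32];
};

#define STALE 0xAA  /* constructed marker standing in for old process memory */

/* Fill the reply as an RPC handler would: the strings are written up to
 * their NUL, the rest of each array is left as it was unless init is set. */
static void fill_reply(struct part_reply *r, const char *name,
                       const char *dev, int init)
{
    if (init)
        memset(r, 0, sizeof(*r));  /* the fix: zero the reply at function scope */
    snprintf(r->name, sizeof(r->name), "%s", name);
    snprintf(r->devName, sizeof(r->devName), "%s", dev);
}

/* Count bytes after the terminating NUL that still hold stale data. */
static size_t stale_tail(const char *buf, size_t len)
{
    size_t n = 0;
    for (size_t i = strlen(buf) + 1; i < len; i++)
        if ((unsigned char)buf[i] == STALE)
            n++;
    return n;
}

/* Simulate one call. The fixed-size arrays are marshalled in full, so every
 * stale byte after the NUL reaches the client. Returns the leaked byte count. */
size_t leaked_bytes(int init)
{
    struct part_reply r;
    memset(&r, STALE, sizeof(r));  /* simulate recycled memory */
    fill_reply(&r, "/vicepa", "/vicepa/Lock/vicepa", init);
    return stale_tail(r.name, sizeof(r.name)) +
           stale_tail(r.devName, sizeof(r.devName));
}

int main(void)
{
    printf("without memset: %zu bytes leaked\n", leaked_bytes(0));
    printf("with memset:    %zu bytes leaked\n", leaked_bytes(1));
    return 0;
}
```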