OpenAFS Master Repository branch, openafs-stable-1_6_x, updated. openafs-stable-1_6_22_2-73-g0cdb370
Gerrit Code Review
gerrit@openafs.org
Tue, 11 Sep 2018 15:00:55 -0400
The following commit has been merged in the openafs-stable-1_6_x branch:
commit 40343287fbca6f4b1098f5b60ef9ff5416376b08
Author: Mark Vitale <mvitale@sinenomine.net>
Date: Mon Jun 25 18:03:12 2018 -0400
OPENAFS-SA-2018-002 ptserver: prevent PR_IDToName information leak
SPR_IDToName does not completely initialize the return array of names,
and thus leaks information from ptserver memory:
- up to 62 bytes per requested id (PR_MAXNAMELEN 64 - 'a\0')
Use calloc to ensure that all memory sent on the wire is initialized,
preventing the information leak.
[kaduk@mit.edu: switch to calloc; update commit message]
(cherry picked from commit 70b0136d552a0077d3fae68f3aebacd985abd522)
(cherry picked from commit c8c8682bb0e84ee5289fac3063119ae524773f61)
Change-Id: I4adfb5071535fe89e80268feecbf3873e0a119f6
src/ptserver/ptprocs.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
--
OpenAFS Master Repository