OpenAFS Master Repository branch, openafs-stable-1_6_x, updated. openafs-stable-1_6_22_2-73-g0cdb370

Gerrit Code Review gerrit@openafs.org
Tue, 11 Sep 2018 15:00:55 -0400


The following commit has been merged in the openafs-stable-1_6_x branch:
commit 40343287fbca6f4b1098f5b60ef9ff5416376b08
Author: Mark Vitale <mvitale@sinenomine.net>
Date:   Mon Jun 25 18:03:12 2018 -0400

    OPENAFS-SA-2018-002 ptserver: prevent PR_IDToName information leak
    
    SPR_IDToName does not completely initialize the return array of names,
    and thus leaks information from ptserver memory:
    
    - up to 62 bytes per requested id (PR_MAXNAMELEN 64 - 'a\0')
    
    Use calloc to ensure that all memory sent on the wire is initialized,
    preventing the information leak.
    
    [kaduk@mit.edu: switch to calloc; update commit message]
    
    (cherry picked from commit 70b0136d552a0077d3fae68f3aebacd985abd522)
    
    (cherry picked from commit c8c8682bb0e84ee5289fac3063119ae524773f61)
    
    Change-Id: I4adfb5071535fe89e80268feecbf3873e0a119f6

 src/ptserver/ptprocs.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

-- 
OpenAFS Master Repository