OPENAFS-SA-2016-002 AFSStoreStatus information leak

[openafs.git] / src / afs / afs_segments.c

diff --git a/src/afs/afs_segments.c b/src/afs/afs_segments.c
index db75daa..69f7445 100644 (file)
--- a/src/afs/afs_segments.c
+++ b/src/afs/afs_segments.c
@@ -55,6 +55,7 @@ afs_StoreMini(struct vcache *avc, struct vrequest *areq)
        tlen = avc->f.truncPos;
     avc->f.truncPos = AFS_NOTRUNC;
     avc->f.states &= ~CExtendedFile;
+    memset(&InStatus, 0, sizeof(InStatus));
 
     do {
        tc = afs_Conn(&avc->f.fid, areq, SHARED_LOCK, &rxconn);
@@ -174,8 +175,6 @@ afs_StoreAllSegments(struct vcache *avc, struct vrequest *areq,
 
     AFS_STATCNT(afs_StoreAllSegments);
 
-    hset(oldDV, avc->f.m.DataVersion);
-    hset(newDV, avc->f.m.DataVersion);
     hash = DVHash(&avc->f.fid);
     foreign = (avc->f.states & CForeign);
     dcList = osi_AllocLargeSpace(AFS_LRALLOCSIZ);
@@ -213,6 +212,14 @@ afs_StoreAllSegments(struct vcache *avc, struct vrequest *areq,
        /*printf("Net down in afs_StoreSegments\n");*/
        return ENETDOWN;
     }
+
+    /*
+     * Can't do this earlier because osi_VM_StoreAllSegments drops locks
+     * and can indirectly do some stores that increase the DV.
+     */
+    hset(oldDV, avc->f.m.DataVersion);
+    hset(newDV, avc->f.m.DataVersion);
+
     ConvertWToSLock(&avc->lock);
 
     /*
@@ -545,7 +552,7 @@ afs_InvalidateAllSegments(struct vcache *avc)
                 * invalidate all of the relevant chunks. Otherwise, the chunks
                 * will be left with the 'new' data that was never successfully
                 * written to the server, but the DV in the dcache is still the
-                * old DV. So, we may indefintely serve serve applications data
+                * old DV. So, we may indefinitely serve data to applications
                 * that is not actually in the file on the fileserver. If we
                 * cannot afs_GetValidDSlot the appropriate entries, currently
                 * there is no way to ensure the dcache is invalidated. So for