OPENAFS-SA-2018-002 ptserver: prevent PR_IDToName information leak

SPR_IDToName does not completely initialize the return array of names,
and thus leaks information from ptserver memory:

- up to 62 bytes per requested id (PR_MAXNAMELEN 64 - 'a\0')

Use calloc to ensure that all memory sent on the wire is initialized,
preventing the information leak.

[kaduk@mit.edu: switch to calloc; update commit message]

(cherry picked from commit 70b0136d552a0077d3fae68f3aebacd985abd522)

(cherry picked from commit c8c8682bb0e84ee5289fac3063119ae524773f61)

Change-Id: I4adfb5071535fe89e80268feecbf3873e0a119f6

diff --git a/src/ptserver/ptprocs.c b/src/ptserver/ptprocs.c
index f9f48fc..181cc28 100644 (file)
--- a/src/ptserver/ptprocs.c
+++ b/src/ptserver/ptprocs.c
@@ -687,7 +687,7 @@ idToName(struct rx_call *call, idlist *aid, namelist *aname)
        return 0;
     if (size < 0 || size > INT_MAX / PR_MAXNAMELEN)
        return PRTOOMANY;
-    aname->namelist_val = (prname *) malloc(size * PR_MAXNAMELEN);
+    aname->namelist_val = (prname *) calloc(size, PR_MAXNAMELEN);
     aname->namelist_len = 0;
     if (aname->namelist_val == 0)
        return PRNOMEM;