OPENAFS-SA-2018-002 butc: prevent TC_ReadLabel information leak

TC_ReadLabel (backup readlabel) does not initialize its output buffer
completely.  It leaks butc memory contents over the wire:

struct tc_tapeLabel
- up to 32 bytes from member afsname (TC_MAXTAPELEN 32)
- up to 32 bytes from member pname (TC_MAXTAPELEN 32)

Initialize the buffer.

[kaduk@mit.edu: move initialization to the RPC stub]

Change-Id: I30f4aa32801791913b397a58c36c86c019dc51ef

diff --git a/src/butc/tcprocs.c b/src/butc/tcprocs.c
index d41112a..7154a18 100644 (file)
--- a/src/butc/tcprocs.c
+++ b/src/butc/tcprocs.c
@@ -372,6 +372,7 @@ STC_ReadLabel(struct rx_call *acid, struct tc_tapeLabel *label, afs_uint32 *task
 {
     afs_int32 code;
 
+    memset(label, 0, sizeof(*label));
 #ifdef xbsa
     if (CONF_XBSA)
        return (TC_BADTASK);    /* ReadLabel does not apply if XBSA */