afs: Clear pioctl data interchange buffer before use
author Daria Brashear <shadow@your-file-system.com>
Wed, 8 Jul 2015 18:16:41 +0000 (14:16 -0400)
committer Daria Brashear <shadow@your-file-system.com>
Wed, 29 Jul 2015 22:25:13 +0000 (18:25 -0400)
Avoid leaking data in pioctl interchange buffers; clear the memory
when one is allocated.

FIXES 131892 (CVE-2015-3284)

Change-Id: I880bbaa75b07b491a08c62fb17527b9fff47ec8c

src/afs/afs_pioctl.c

index 53681e5..7cdc075 100644 (file)
@@ -64,6 +64,11 @@ afs_pd_alloc(struct afs_pdata *apd, size_t size)
     if (apd->ptr == NULL)
        return ENOMEM;
 
+    if (size > AFS_LRALLOCSIZ)
+       memset(apd->ptr, 0, size + 1);
+    else
+       memset(apd->ptr, 0, AFS_LRALLOCSIZ);
+
     apd->remaining = size;
 
     return 0;
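
Review bot: The two memset lengths in the added if/else (size + 1 when size > AFS_LRALLOCSIZ, otherwise AFS_LRALLOCSIZ) have to match exactly what the allocation earlier in afs_pd_alloc reserved, and nothing in the hunk ties them together. That allocation is outside the visible context, so please confirm that the large-request path really allocates size + 1 bytes; if it allocates only size, this memset writes one byte past the buffer. Consider computing the allocated length once into a local and using it for both the allocation and the clear, so the two cannot drift apart in a later change. A short comment above the block saying the buffer is zeroed so that stale memory contents cannot leak through the pioctl interchange buffer would also help, since the reason is currently stated only in the commit message.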