From 26924fd508b21bb6145e77dc31b6cd0923193b72 Mon Sep 17 00:00:00 2001 From: Mark Vitale Date: Tue, 26 Jun 2018 03:00:02 -0400 Subject: [PATCH] OPENAFS-SA-2018-002 volser: prevent AFSVolMonitor information leak AFSVolMonitor (vos status) does not properly initialize its output buffers. This leaks information from volserver memory: struct transDebugInfo - up to 29 bytes in member lastProcName (30-'\0') - 16 bytes in members readNext, tranmitNext, lastSendTime, lastReceiveTime Initialize the buffers. This must be done on a per-buffer basis inside the loop, since realloc is used to expand the storage if needed, and there is not a standard realloc API to zero the newly allocated storage. [kaduk@mit.edu: update commit message] Change-Id: I79091fc63435ed2a795955f95bb867bc625ad398 --- src/volser/volprocs.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/volser/volprocs.c b/src/volser/volprocs.c index 7061aac..3947803 100644 --- a/src/volser/volprocs.c +++ b/src/volser/volprocs.c @@ -2808,6 +2808,7 @@ VolMonitor(struct rx_call *acid, transDebugEntries *transInfo) goto done; /*no active transactions */ for (tt = allTrans; tt; tt = nt) { /*copy relevant info into pntr */ nt = tt->next; + memset(pntr, 0, sizeof(*pntr)); VTRANS_OBJ_LOCK(tt); pntr->tid = tt->tid; pntr->time = tt->time; -- 1.9.4
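Review bot: The `memset(pntr, 0, sizeof(*pntr));` added at the top of the `for (tt = allTrans; tt; tt = nt)` loop in VolMonitor has no comment, so nothing at that line tells a later reader it is a security fix rather than redundant initialization. Suggest a short comment such as `/* zero the entry: it is returned to the caller and realloc does not clear new storage */` so that it survives future cleanups. Placing it before `VTRANS_OBJ_LOCK(tt)` is fine, since it touches only the output entry and keeps the lock hold time unchanged. Because only entries visited by the loop are zeroed, it is also worth confirming, outside this hunk, that the entry count returned to the caller never exceeds the number of entries the loop filled, so that unzeroed slack left by the realloc growth is never marshalled.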