OPENAFS-SA-2018-002 budb: prevent BUDB_* information leaks

The following budb RPCs do not initialize their output correctly.
This leaks buserver memory contents over the wire:

BUDB_FindLatestDump (backup dump)
BUDB_FindDump (backup volrestore, diskrestore, volsetrestore)
BUDB_GetDumps (backup dumpinfo)
BUDB_FindLastTape (backup dump)

struct budb_dumpEntry
- up to 32 bytes in member volumeSetName
- up to 256 bytes in member dumpPath
- up to 32 bytes in member name
- up to 32 bytes in member tape.tapeServer
- up to 32 bytes in member tape.format
- up to 256 bytes in member dumper.name
- up to 128 bytes in member dumper.instance
- up to 256 bytes in member dumper.cell

Initialize the buffer in common routine FillDumpEntry.

Change-Id: Ic057a6c906ce2acd39e0e4ea0a0ba1e100bba3e9

diff --git a/src/budb/procs.c b/src/budb/procs.c
index f2987d3..f976ff3 100644 (file)
--- a/src/budb/procs.c
+++ b/src/budb/procs.c
@@ -424,6 +424,7 @@ FillDumpEntry(struct ubik_trans *ut, dbadr da, void *rock)
     struct budb_dumpEntry *dump = (struct budb_dumpEntry *)rock;
     struct dump d, ad;
 
+    memset(dump, 0, sizeof(*dump));
     if (dbread(ut, da, &d, sizeof(d)))
        return BUDB_IO;
     dump->id = ntohl(d.id);