]> git.michaelhowe.org Git - packages/o/openafs.git/commitdiff
projects / packages / o / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: eea4665)
afs: Clear pioctl data interchange buffer before use
authorDaria Brashear <shadow@your-file-system.com>
Wed, 8 Jul 2015 18:16:41 +0000 (14:16 -0400)
committerDaria Brashear <shadow@your-file-system.com>
Thu, 30 Jul 2015 03:59:44 +0000 (23:59 -0400)
Avoid leaking data in pioctl interchange buffers; clear the memory
when one is allocated.

FIXES 131892 (CVE-2015-3284)

(cherry picked from commit 592a99d6e693bc640e2bdfc2e7e5243fcedc8f93)

Change-Id: I90fef404978bd7aae3eb88836bcd4f95587fd45c

src/afs/afs_pioctl.c patch | blob | history

diff --git a/src/afs/afs_pioctl.c b/src/afs/afs_pioctl.c
index e9a84e3d2f983682dee0ba9469a23f029b7cc00b..89a56b97602806225645e0b8aec1adbea2c8164b 100644 (file)
--- a/src/afs/afs_pioctl.c
+++ b/src/afs/afs_pioctl.c
@@ -62,6 +62,11 @@ afs_pd_alloc(struct afs_pdata *apd, size_t size)
     if (apd->ptr == NULL)
        return ENOMEM;
 
+    if (size > AFS_LRALLOCSIZ)
+       memset(apd->ptr, 0, size + 1);
+    else
+       memset(apd->ptr, 0, AFS_LRALLOCSIZ);
+
     apd->remaining = size;
 
     return 0;