From: Daria Brashear
Date: Wed, 8 Jul 2015 18:16:41 +0000 (-0400)
Subject: afs: Clear pioctl data interchange buffer before use
X-Git-Tag: upstream/1.8.0_pre1^2~303
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=592a99d6e693bc640e2bdfc2e7e5243fcedc8f93;p=packages%2Fo%2Fopenafs.git
afs: Clear pioctl data interchange buffer before use
Avoid leaking data in pioctl interchange buffers; clear the memory when one is allocated.
FIXES 131892 (CVE-2015-3284)
Change-Id: I880bbaa75b07b491a08c62fb17527b9fff47ec8c
---
diff --git a/src/afs/afs_pioctl.c b/src/afs/afs_pioctl.c
index 53681e563..7cdc075ce 100644
--- a/src/afs/afs_pioctl.c
+++ b/src/afs/afs_pioctl.c
@@ -64,6 +64,11 @@ afs_pd_alloc(struct afs_pdata *apd, size_t size)
 if (apd->ptr == NULL)
 return ENOMEM;
+ if (size > AFS_LRALLOCSIZ)
+ memset(apd->ptr, 0, size + 1);
+ else
+ memset(apd->ptr, 0, AFS_LRALLOCSIZ);
+
 apd->remaining = size;
 return 0;
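Review bot: The added `memset` branches re-derive the buffer length (`size + 1` when `size > AFS_LRALLOCSIZ`, otherwise `AFS_LRALLOCSIZ`) separately from the allocation, which presumably makes the same decision above the hunk. If the two ever drift apart, the clear either writes past the buffer or leaves a tail of stale data, which is the disclosure this commit is meant to close. Computing the length once and reusing it for both the allocation and the clear would remove that coupling, e.g. `size_t len = (size > AFS_LRALLOCSIZ) ? size + 1 : AFS_LRALLOCSIZ;` followed by `memset(apd->ptr, 0, len);`. Note also that at `size == AFS_LRALLOCSIZ` the else branch clears exactly `size` bytes with no extra byte, unlike the `size + 1` branch, so it is worth confirming against the allocation that this boundary is intended. afs_pd_alloc begins outside the hunk, so the allocation call is not visible here, and a short comment such as `/* Zero the whole allocation so stale buffer contents are never handed back to the caller. */` would record why the clear is there.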