From: Mark Vitale <mvitale@sinenomine.net>
Date: Tue, 26 Jun 2018 08:39:44 +0000 (-0400)
Subject: OPENAFS-SA-2018-002 budb: prevent BUDB_* information leaks
X-Git-Tag: upstream/1.8.2^2~18
X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=6f26a945adeca87b669282eed0eaca3dca0a1423;p=packages%2Fo%2Fopenafs.git

OPENAFS-SA-2018-002 budb: prevent BUDB_* information leaks

The following budb RPCs do not initialize their output correctly.
This leaks buserver memory contents over the wire:

BUDB_FindLatestDump (backup dump)
BUDB_FindDump (backup volrestore, diskrestore, volsetrestore)
BUDB_GetDumps (backup dumpinfo)
BUDB_FindLastTape (backup dump)

struct budb_dumpEntry
- up to 32 bytes in member volumeSetName
- up to 256 bytes in member dumpPath
- up to 32 bytes in member name
- up to 32 bytes in member tape.tapeServer
- up to 32 bytes in member tape.format
- up to 256 bytes in member dumper.name
- up to 128 bytes in member dumper.instance
- up to 256 bytes in member dumper.cell

Initialize the buffer in common routine FillDumpEntry.

(cherry picked from commit e96771471134102d3879a0ac8b2c4ef9d91a61b8)

Change-Id: I85ec8a21966386baa8243326072e5730726cba96
---

diff --git a/src/budb/procs.c b/src/budb/procs.c
index f2987d311..f976ff3aa 100644
--- a/src/budb/procs.c
+++ b/src/budb/procs.c
@@ -424,6 +424,7 @@ FillDumpEntry(struct ubik_trans *ut, dbadr da, void *rock)
     struct budb_dumpEntry *dump = (struct budb_dumpEntry *)rock;
     struct dump d, ad;
 
+    memset(dump, 0, sizeof(*dump));
     if (dbread(ut, da, &d, sizeof(d)))
 	return BUDB_IO;
     dump->id = ntohl(d.id);