xdr_callmsg() should clear residual bytes
xdr_callmsg() function is not zeroing the residual bytes for both credential and verifier in the in-line XDR encoding code path. This violates RFC 4506 (Section 4.10) and could leak some uninitialized and thus possibly sensitive data over the wire.
We should modify both implementations of
xdr_callmsg() to properly zero the residual bytes. Similarly as
xdr_replymsg() does for the verifier residual bytes.
Updated by Marcel Telka over 4 years ago
To reproduce the problem run the attached test. It will show either leaked sensitive data (ee) or just a garbage (aa) in the encoded stream.
$ ./test 11223344 00000000 00000002 00000005 00000006 00000007 00000008 00000005 66666666 66eeeeee 00000009 00000005 77777777 77eeeeee $
Updated by Electric Monk over 4 years ago
- Status changed from Pending RTI to Closed
- % Done changed from 0 to 100
commit 45681b8b0e59cad83c1547d78e25d4b7f218d635 Author: Marcel Telka <firstname.lastname@example.org> Date: 2017-05-29T16:28:55.000Z 8238 xdr_callmsg() should clear residual bytes Reviewed by: Toomas Soome <email@example.com> Reviewed by: Yuri Pankov <firstname.lastname@example.org> Reviewed by: Gary Mills <email@example.com> Approved by: Robert Mustacchi <firstname.lastname@example.org>