LILiK
/
openwrt-packages-dist
5
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
26587 Commits
1 Branch
46 MiB
Tree: b3869e1e46
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b3869e1e46'
${ noResults }
openwrt-packages-dist/net/rpcbind/patches/001-CVE-2017-8779-dos-via-m...

27 lines
824 B
Raw Normal View History

rpcbind: fix warmstart option, CVE-2017-8779 * always build with warmstart options * fix CVE-2017-8779 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
5 years ago
rpcbind: clean up patches using quilt The second one was manually modified as quilt gets confused by the *** and ends up removing the commit description. Signed-off-by: Rosen Penev <rosenp@gmail.com>
3 years ago
rpcbind: fix warmstart option, CVE-2017-8779 * always build with warmstart options * fix CVE-2017-8779 Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
5 years ago
 
  1. Submitted By: Ken Moffat <ken at linuxfromscratch dot org>
  2. Date: 2017-05-29
  3. Initial Package Version: 0.2.4 (also affects earlier versions)
  4. Upstream Status: Unknown
  5. Origin: Guido Vranken
  6. Description: Fixes CVE-2017-8779 (DOS by remote attackers - memory consumption
  7. without subsequent free).
  8. 

  9. --- a/src/rpcb_svc_com.c

  10. +++ b/src/rpcb_svc_com.c

  11. @@ -48,6 +48,7 @@

  12.  #include <rpc/rpc.h>
  13.  #include <rpc/rpcb_prot.h>
  14.  #include <rpc/svc_dg.h>
  15. +#include <rpc/rpc_com.h>

  16.  #include <netconfig.h>
  17.  #include <errno.h>
  18.  #include <syslog.h>
  19. @@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, stru

  20.  static bool_t
  21.  xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
  22.  {
  23. -	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));

  24. +	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE));

  25.  }
  26.  
  27.  /*