Browse Source

Merge pull request #15981 from Andy2244/rpcbind-1.2.6

rpcbind: update to 1.2.6
lilik-openwrt-22.03
Rosen Penev 3 years ago
committed by GitHub
parent
commit
84f42d6b9e
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 67 deletions
  1. +3
    -3
      net/rpcbind/Makefile
  2. +0
    -64
      net/rpcbind/patches/002-fix_stack_buffer_overflow.patch

+ 3
- 3
net/rpcbind/Makefile View File

@ -1,12 +1,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=rpcbind
PKG_VERSION:=1.2.5
PKG_RELEASE:=4
PKG_VERSION:=1.2.6
PKG_RELEASE:=$(AUTORELEASE)
PKG_SOURCE_URL:=@SF/rpcbind
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_HASH:=2ce360683963b35c19c43f0ee2c7f18aa5b81ef41c3fdbd15ffcb00b8bffda7a
PKG_HASH:=5613746489cae5ae23a443bb85c05a11741a5f12c8f55d2bb5e83b9defeee8de
PKG_MAINTAINER:=Andy Walsh <andy.walsh44+github@gmail.com>
PKG_LICENSE:=BSD-3-Clause


+ 0
- 64
net/rpcbind/patches/002-fix_stack_buffer_overflow.patch View File

@ -1,64 +0,0 @@
From 0bc1c0ae7ce61a7ac8a8e9a9b2086268f011abf0 Mon Sep 17 00:00:00 2001
From: Steve Dickson <steved@redhat.com>
Date: Tue, 9 Oct 2018 09:19:50 -0400
Subject: [PATCH] rpcinfo: Fix stack buffer overflow
buffer overflow detected: rpcinfo terminated
======= Backtrace: =========
/lib64/libc.so.6(+0x721af)[0x7ff24c4451af]
/lib64/libc.so.6(__fortify_fail+0x37)[0x7ff24c4ccdc7]
/lib64/libc.so.6(+0xf8050)[0x7ff24c4cb050]
rpcinfo(+0x435f)[0xef3be2635f]
rpcinfo(+0x1c62)[0xef3be23c62]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7ff24c3f36e5]
rpcinfo(+0x2739)[0xef3be24739]
======= Memory map: ========
...
The patch below fixes it.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Thomas Blume <thomas.blume@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
---
src/rpcinfo.c | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)
--- a/src/rpcinfo.c
+++ b/src/rpcinfo.c
@@ -973,6 +973,7 @@ rpcbdump (dumptype, netid, argc, argv)
(" program version(s) netid(s) service owner\n");
for (rs = rs_head; rs; rs = rs->next)
{
+ size_t netidmax = sizeof(buf) - 1;
char *p = buf;
printf ("%10ld ", rs->prog);
@@ -985,12 +986,22 @@ rpcbdump (dumptype, netid, argc, argv)
}
printf ("%-10s", buf);
buf[0] = '\0';
- for (nl = rs->nlist; nl; nl = nl->next)
- {
- strcat (buf, nl->netid);
- if (nl->next)
- strcat (buf, ",");
- }
+
+ for (nl = rs->nlist; nl; nl = nl->next)
+ {
+ strncat (buf, nl->netid, netidmax);
+ if (strlen (nl->netid) < netidmax)
+ netidmax -= strlen(nl->netid);
+ else
+ break;
+
+ if (nl->next && netidmax > 1)
+ {
+ strncat (buf, ",", netidmax);
+ netidmax --;
+ }
+ }
+
printf ("%-32s", buf);
rpc = getrpcbynumber (rs->prog);
if (rpc)

Loading…
Cancel
Save