Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
rpcbind
0032-fix-remote-rpcbind-denial-of-service-vulne...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0032-fix-remote-rpcbind-denial-of-service-vulnerability.patch of Package rpcbind
From 9f4ee59e189c505bfdec2d0efa12f3fe42adbbf2 Mon Sep 17 00:00:00 2001 From: Thomas Blume <Thomas.Blume@suse.com> Date: Fri, 5 May 2017 14:35:54 +0200 Subject: [PATCH] fix remote rpcbind denial-of-service vulnerability VUL-0: CVE-2017-8779: rpcbomb: remote rpcbind denial-of-service (bsc#1037559) --- src/rpcb_svc_com.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c index 5862c26..e11f61b 100644 --- a/src/rpcb_svc_com.c +++ b/src/rpcb_svc_com.c @@ -48,6 +48,7 @@ #include <rpc/rpc.h> #include <rpc/rpcb_prot.h> #include <rpc/svc_dg.h> +#include <rpc/rpc_com.h> #include <netconfig.h> #include <errno.h> #include <syslog.h> @@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/, static bool_t xdr_encap_parms(XDR *xdrs, struct encap_parms *epp) { - return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0)); + return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE)); } /* -- 2.12.0
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor