
[notify] rpcbind: security fix for CVE-2017-8779

Juergen Daubert 2017-07-06 14:37:05 +02:00
parent 0854b7051f
commit 251e7dc40b
4 changed files with 34 additions and 4 deletions


@ -1,2 +1,3 @@
78bfe054cf620249b228350f5e8730f7 rpcbind
cf10cd41ed8228fc54c316191c1f07fe rpcbind-0.2.4.tar.bz2
db5756cdc1cf70ccf2d3e90d44fe404a rpcbind-CVE-2017-8779.patch


@ -1,6 +1,7 @@
untrusted comment: verify with /etc/ports/opt.pub
RWSE3ohX2g5d/d9y8Yl3eCtT9N+wnpbYvi2w+YH1oCvL7e+iQX+otO1glXi/S+OmQxVNZRyl58rJ93rErED5wqc+msbFoegwCgc=
SHA256 (Pkgfile) = d3d0b4b4321359ef3a1f1fceb02d91bf6672d5e6480e170fd38c0e7caef6f552
RWSE3ohX2g5d/T9IML5QmrNm6nBLf8eCB9F4jlaa3iPM9yOZbqP6cXts2i6nz42OOrOmQmxVau42wZpmGSGnXjQBNASFYFXIYAM=
SHA256 (Pkgfile) = 9d6a767db6fd04745a28b799260ba8edb25fba35b4083f045473ced826430e74
SHA256 (.footprint) = 6d7a05e556df2d89ba9965aa2c7afac7c362edb73ca0be465ba237dc4d2ac5e1
SHA256 (rpcbind-0.2.4.tar.bz2) = 074a9a530dc7c11e0d905aa59bcb0847c009313f02e98d3d798aa9568f414c66
SHA256 (rpcbind-CVE-2017-8779.patch) = df10706a774370ea9dd0c3ba65d7574088a82a0ab80a6c87164f0382f30b83fe
SHA256 (rpcbind) = b8173ec0b927705100eab42f24797ac36ea7c5987475cba47474b5c73a117f1a


@ -5,13 +5,17 @@
name=rpcbind
version=0.2.4
release=1
release=2
source=(http://downloads.sourceforge.net/project/$name/$name/$version/$name-$version.tar.bz2 \
rpcbind)
rpcbind-CVE-2017-8779.patch rpcbind)
build() {
cd $name-$version
# security fix, see
#http://openwall.com/lists/oss-security/2017/05/03/12
patch -p1 -i $SRC/rpcbind-CVE-2017-8779.patch
./configure --prefix=/usr \
--bindir=/sbin \
--disable-libwrap \


@ -0,0 +1,24 @@
# http://openwall.com/lists/oss-security/2017/05/03/12
# https://github.com/guidovranken/rpcbomb
diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
index 5862c26..e11f61b 100644
--- a/src/rpcb_svc_com.c
+++ b/src/rpcb_svc_com.c
@@ -48,6 +48,7 @@
#include <rpc/rpc.h>
#include <rpc/rpcb_prot.h>
#include <rpc/svc_dg.h>
+#include <rpc/rpc_com.h>
#include <netconfig.h>
#include <errno.h>
#include <syslog.h>
@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/,
static bool_t
xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
{
- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
+ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE));
}
/*
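Review bot: In `xdr_encap_parms` the new `RPC_MAXDATASIZE` limit bounds what a single request can make `xdr_bytes` allocate into `epp->args`, but nothing visible here releases that buffer when decoding fails or once the call has been handled. Memory growth under repeated large requests may therefore still be possible unless the callers, which are outside this hunk, free it. The CVE also covers libtirpc, so confirm that the libtirpc port carries its companion fix, since patching rpcbind alone may not close the issue. I would also record the reason at the call site, e.g. `/* arglen comes off the wire; cap the decode size (CVE-2017-8779) */` above the `return`.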