rtime.felk.cvut.cz Git - coffee/buildroot.git/commit

author	Ed Blake <ed.blake@sondrel.com>
	Thu, 18 Jan 2018 18:05:31 +0000 (18:05 +0000)
committer	Peter Korsgaard <peter@korsgaard.com>
	Sun, 21 Jan 2018 20:18:25 +0000 (21:18 +0100)
commit	637f2b5e121bc7e1c9a96d0b6d636e4ef237a4ee
tree	7d2a4a20fbd9c8be10466b85830b479ec029e7cc	tree \| snapshot
parent	371d7e8495a46d800c4c7322c5c1d09612ed181c	commit \| diff

rpcbind: Backport fixes to memory leak security fix

Commit 954509f added a security fix for CVE-2017-8779, involving
pairing all svc_getargs() calls with svc_freeargs() to avoid a memory
leak.  However it also introduced a couple of issues:

- The call to svc_freeargs() from rpcbproc_callit_com() may result in
  an attempt to free static memory, resulting in undefined behaviour.

- A typo in the svc_freeargs() call from pmapproc_dump() causes NIS
  (aka ypbind) to fail.

Backport upstream fixes for these issues to version 0.2.3.

Signed-off-by: Ed Blake <ed.blake@sondrel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
(cherry picked from commit 5a9a95d0eb15c189f1361c12c105eb0ba8842c77)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch	[new file with mode: 0644]	blob
package/rpcbind/0006-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch	[new file with mode: 0644]	blob