diff options
Diffstat (limited to 'source/n/rpcbind')
-rw-r--r-- | source/n/rpcbind/0001-rpcinfo-Fix-stack-buffer-overflow.patch | 69 | ||||
-rwxr-xr-x | source/n/rpcbind/rpcbind.SlackBuild | 3 |
2 files changed, 1 insertions, 71 deletions
diff --git a/source/n/rpcbind/0001-rpcinfo-Fix-stack-buffer-overflow.patch b/source/n/rpcbind/0001-rpcinfo-Fix-stack-buffer-overflow.patch deleted file mode 100644 index 14fd88c8d..000000000 --- a/source/n/rpcbind/0001-rpcinfo-Fix-stack-buffer-overflow.patch +++ /dev/null @@ -1,69 +0,0 @@ -From 0bc1c0ae7ce61a7ac8a8e9a9b2086268f011abf0 Mon Sep 17 00:00:00 2001 -From: Steve Dickson <steved@redhat.com> -Date: Tue, 9 Oct 2018 09:19:50 -0400 -Subject: [PATCH] rpcinfo: Fix stack buffer overflow - -*** buffer overflow detected ***: rpcinfo terminated -======= Backtrace: ========= -/lib64/libc.so.6(+0x721af)[0x7ff24c4451af] -/lib64/libc.so.6(__fortify_fail+0x37)[0x7ff24c4ccdc7] -/lib64/libc.so.6(+0xf8050)[0x7ff24c4cb050] -rpcinfo(+0x435f)[0xef3be2635f] -rpcinfo(+0x1c62)[0xef3be23c62] -/lib64/libc.so.6(__libc_start_main+0xf5)[0x7ff24c3f36e5] -rpcinfo(+0x2739)[0xef3be24739] -======= Memory map: ======== -... -The patch below fixes it. - -Reviewed-by: Chuck Lever <chuck.lever@oracle.com> -Signed-off-by: Thomas Blume <thomas.blume@suse.com> -Signed-off-by: Steve Dickson <steved@redhat.com> ---- - src/rpcinfo.c | 23 +++++++++++++++++------ - 1 file changed, 17 insertions(+), 6 deletions(-) - -diff --git a/src/rpcinfo.c b/src/rpcinfo.c -index 9b46864..cfdba88 100644 ---- a/src/rpcinfo.c -+++ b/src/rpcinfo.c -@@ -973,6 +973,7 @@ rpcbdump (dumptype, netid, argc, argv) - (" program version(s) netid(s) service owner\n"); - for (rs = rs_head; rs; rs = rs->next) - { -+ size_t netidmax = sizeof(buf) - 1; - char *p = buf; - - printf ("%10ld ", rs->prog); -@@ -985,12 +986,22 @@ rpcbdump (dumptype, netid, argc, argv) - } - printf ("%-10s", buf); - buf[0] = '\0'; -- for (nl = rs->nlist; nl; nl = nl->next) -- { -- strcat (buf, nl->netid); -- if (nl->next) -- strcat (buf, ","); -- } -+ -+ for (nl = rs->nlist; nl; nl = nl->next) -+ { -+ strncat (buf, nl->netid, netidmax); -+ if (strlen (nl->netid) < netidmax) -+ netidmax -= strlen(nl->netid); -+ else -+ break; -+ -+ if (nl->next && netidmax > 1) -+ { -+ strncat (buf, ",", netidmax); -+ netidmax --; -+ } -+ } -+ - printf ("%-32s", buf); - rpc = getrpcbynumber (rs->prog); - if (rpc) --- -2.22.0 - diff --git a/source/n/rpcbind/rpcbind.SlackBuild b/source/n/rpcbind/rpcbind.SlackBuild index 52bcd40ce..f6114e89c 100755 --- a/source/n/rpcbind/rpcbind.SlackBuild +++ b/source/n/rpcbind/rpcbind.SlackBuild @@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd) PKGNAM=rpcbind VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-5} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -85,7 +85,6 @@ tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1 cd $PKGNAM-$VERSION || exit 1 # git patches: -zcat $CWD/0001-rpcinfo-Fix-stack-buffer-overflow.patch.gz | patch -p1 --verbose || exit 1 # Local patches: zcat $CWD/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch.gz | patch -p1 --verbose || exit 1 |