aboutsummaryrefslogtreecommitdiff
path: root/usr.sbin/rpcbind/rpcb_svc_com.c
diff options
context:
space:
mode:
authorXin LI <delphij@FreeBSD.org>2017-06-01 06:12:25 +0000
committerXin LI <delphij@FreeBSD.org>2017-06-01 06:12:25 +0000
commit6448ec89e7391aee8ce76785e0ec520ba7abb1c8 (patch)
treeb46740f9ea572cd854ee87389eef91802c3ffae6 /usr.sbin/rpcbind/rpcb_svc_com.c
parent26f923dca39acab33709d5073558846f0e1b67ae (diff)
downloadsrc-6448ec89e7391aee8ce76785e0ec520ba7abb1c8.tar.gz
src-6448ec89e7391aee8ce76785e0ec520ba7abb1c8.zip
* limit size of buffers to RPC_MAXDATASIZE
* don't leak memory * be more picky about bad parameters From: https://raw.githubusercontent.com/guidovranken/rpcbomb/master/libtirpc_patch.txt https://github.com/guidovranken/rpcbomb/blob/master/rpcbind_patch.txt via NetBSD. Reviewed by: emaste, cem (earlier version) Differential Revision: https://reviews.freebsd.org/D10922 MFC after: 3 days
Notes
Notes: svn path=/head/; revision=319369
Diffstat (limited to 'usr.sbin/rpcbind/rpcb_svc_com.c')
-rw-r--r--usr.sbin/rpcbind/rpcb_svc_com.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.sbin/rpcbind/rpcb_svc_com.c b/usr.sbin/rpcbind/rpcb_svc_com.c
index c86f75e7970c..d5beb13f7461 100644
--- a/usr.sbin/rpcbind/rpcb_svc_com.c
+++ b/usr.sbin/rpcbind/rpcb_svc_com.c
@@ -55,6 +55,7 @@
#include <stdio.h>
#ifdef PORTMAP
#include <netinet/in.h>
+#include <rpc/rpc_com.h>
#include <rpc/pmap_prot.h>
#endif /* PORTMAP */
#include <string.h>
@@ -418,7 +419,8 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp __unused,
static bool_t
xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
{
- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
+ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen),
+ RPC_MAXDATASIZE));
}
/*
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-07 22:53:46 +0000