Google Git
Sign in
android-kvm / buildroot / 5a9a95d0eb15c189f1361c12c105eb0ba8842c77
commit5a9a95d0eb15c189f1361c12c105eb0ba8842c77[log] [tgz]
authorEd Blake <ed.blake@sondrel.com>Thu Jan 18 18:05:31 2018 +0000
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>Thu Jan 18 22:08:39 2018 +0100
treeaba728224a526947b5e75aee996114afe7e16312
parent7d5796062f19db89880dac899030ac4cbc0372f2 [diff]
rpcbind: Backport fixes to memory leak security fix

Commit 954509f added a security fix for CVE-2017-8779, involving
pairing all svc_getargs() calls with svc_freeargs() to avoid a memory
leak.  However it also introduced a couple of issues:

- The call to svc_freeargs() from rpcbproc_callit_com() may result in
  an attempt to free static memory, resulting in undefined behaviour.

- A typo in the svc_freeargs() call from pmapproc_dump() causes NIS
  (aka ypbind) to fail.

Backport upstream fixes for these issues to version 0.2.3.

Signed-off-by: Ed Blake <ed.blake@sondrel.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2 files changed
tree: aba728224a526947b5e75aee996114afe7e16312
  1. arch/
  2. board/
  3. boot/
  4. configs/
  5. docs/
  6. fs/
  7. linux/
  8. package/
  9. support/
  10. system/
  11. toolchain/
  12. utils/
  13. .defconfig
  14. .flake8
  15. .gitignore
  16. .gitlab-ci.yml
  17. .gitlab-ci.yml.in
  18. CHANGES
  19. Config.in
  20. Config.in.legacy
  21. COPYING
  22. DEVELOPERS
  23. Makefile
  24. Makefile.legacy
  25. README