[NFSd] [SECURITY] 2.2.x fix needs applying to 2.3.x

From: Chris Evans (chris@ferret.lmh.ox.ac.uk)
Date: Mon Apr 24 2000 - 12:24:52 EST


Hi NFS developers,

The following patch has been applied to 2.2.15pre20. It closes a security
hole whereby remote users can DoS knfsd.

Could you fold it into your 2.3.x work so it gets integrated into the
official kernel? Should apply cleanly.

Cheers
Chris

--- net/sunrpc/svcauth.c.old Tue Apr 18 05:13:47 2000
+++ net/sunrpc/svcauth.c Tue Apr 18 06:36:20 2000
@@ -4,6 +4,9 @@
  * The generic interface for RPC authentication on the server side.
  *
  * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
+ *
+ * CHANGES
+ * 19-Apr-2000 Chris Evans - Security fix
  */
 
 #include <linux/types.h>
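
Review bot: the new CHANGES entry says only "Security fix", which tells a later reader nothing about what was wrong. Suggest naming the check that was tightened, for example that the length accounting around the machname field in the credential parser was corrected, so the entry can be matched to the code change below.
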
@@ -117,7 +120,8 @@
         struct svc_buf *resp = &rqstp->rq_resbuf;
         struct svc_cred *cred = &rqstp->rq_cred;
         u32 *bufp = argp->buf;
- int len = argp->len, slen, i;
+ int len = argp->len;
+ u32 slen, i;
 
         if ((len -= 3) < 0) {
                 *statp = rpc_garbage_args;
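
Review bot: the switch of slen and i from int to u32 is not motivated by anything visible in this patch. The one assignment shown, "slen = (ntohl(*bufp++) + 3) >> 2", cannot exceed 0x3fffffff and so was never negative as an int, which means the reason must be a use of slen or i outside these hunks; a comment at that use saying why it has to be unsigned would keep someone from changing it back. Since len stays int, every "(len -= ...) < 0" test now mixes signed and unsigned operands and is only safe where slen has already been bounded, so each such test should be checked for that ordering.
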
@@ -127,7 +131,7 @@
         bufp++; /* length */
         bufp++; /* time stamp */
         slen = (ntohl(*bufp++) + 3) >> 2; /* machname length */
- if (slen > 64 || (len -= slen) < 0)
+ if (slen > 64 || (len -= slen + 3) < 0)
                 goto badcred;
         bufp += slen; /* skip machname */
 
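
Review bot: in "slen = (ntohl(*bufp++) + 3) >> 2" the rounding is done before the range check, so a wire length of 0xfffffffd or above wraps in 32-bit arithmetic to slen == 0 and passes "slen > 64". With the added "+ 3" the following read still stays inside the buffer, but the credential is accepted with a machname length that is plainly invalid; suggest testing the raw ntohl() value against the byte limit first and rounding afterwards. The "+ 3" in "(len -= slen + 3) < 0" also needs a comment naming the three words it reserves after machname, since the hunk does not show which fields they are.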
