Package: libtirpc / 0.2.5-1.2

Metadata

Package Version Patches format
libtirpc 0.2.5-1.2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
03 kfreebsd.diff | (download)

src/clnt_vc.c | 2 2 + 0 - 0 !
src/getpeereid.c | 11 11 + 0 - 0 !
src/svc_dg.c | 6 6 + 0 - 0 !
tirpc/reentrant.h | 2 1 + 1 - 0 !
4 files changed, 20 insertions(+), 1 deletion(-)

---
04 fix memory leak.diff | (download)

src/svc_auth_gss.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

---
05 hurd port.diff | (download)

configure.ac | 4 2 + 2 - 0 !
src/auth_unix.c | 5 5 + 0 - 0 !
src/bindresvport.c | 2 1 + 1 - 0 !
src/getpeereid.c | 10 9 + 1 - 0 !
4 files changed, 17 insertions(+), 4 deletions(-)

 get source building on hurd
 - Look for <sys/user.h> before using it.
 - Define MAXHOSTNAMELEN to 64 if missing.
 - Bind sockets on Hurd like on Linux.
06 hurd client port.diff | (download)

src/rpc_generic.c | 7 6 + 1 - 0 !
1 file changed, 6 insertions(+), 1 deletion(-)

 fix client code for hurd, avoiding malloc overflow
 When trying to setup a inet connection, it happens the following:
 - in libtirp, src/clnt_vc.c, clnt_vc_create gets called
 - when trying to allocate vc_fd_locks, __rpc_dtbsize() is used as size
   for that array of fd locks
 - __rpc_dtbsize(), in src/rpc_generic.c, queries using rlimit the
   maximum (rlim_max) number of file descriptors (RLIMIT_NOFILE):
   - on Linux, the default is { rlim_cur = 1024, rlim_max = 4096 }
   - on kFreeBSD, the default is { rlim_cur = 1024, rlim_max = 1024 }
   - on Hurd, the default is { rlim_cur = 1024, rlim_max = RLIM_INFINITY }
  meaning that on Hurd the memory allocation fails (as
  __rpc_dtbsize() * sizeof(int) overflows and is negative)

 Change libtiprc so __rpc_dtbsize falls back on rlim_cur if rlim_max
 is unlimited.

 This patch fixes the client connection using inet sockets; local unix
 sockets are not working, for two reasons so far:
 - getpeername on them gives EOPNOTSUPP
 - SO_REUSEADDR is not implemented for them
09 autogen.sh.diff | (download)

autogen.sh | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
10 CVE 2016 4429.diff | (download)

src/clnt_dg.c | 10 9 + 1 - 0 !
1 file changed, 9 insertions(+), 1 deletion(-)

 [patch] cve-2016-4429: tirpc: do not use alloca in clntudp_call [bz #20112]

The call is technically in a loop, and under certain circumstances
11 CVE 2017 8779.diff | (download)

src/rpc_generic.c | 8 8 + 0 - 0 !
src/rpcb_prot.c | 22 14 + 8 - 0 !
src/rpcb_st_xdr.c | 9 5 + 4 - 0 !
src/xdr.c | 30 25 + 5 - 0 !
4 files changed, 52 insertions(+), 17 deletions(-)

 cve-2017-8779: memory leak when failing to parse xdr strings or bytearrays