diff mbox series

rpcbind: update to 0.2.4 and add patch for CVE-2017-8779

Message ID 20171031154328.6435-1-marcel.lorenz@ipfire.org
State Dropped
Headers
Series rpcbind: update to 0.2.4 and add patch for CVE-2017-8779 |

Commit Message

Marcel Lorenz Nov. 1, 2017, 2:43 a.m. UTC 
  Signed-off-by: Marcel Lorenz <marcel.lorenz@ipfire.org>
---
 lfs/rpcbind                                        | 10 ++++----
 .../rpcbind-0.2.4-vulnerability_fixes-1.patch      | 29 ++++++++++++++++++++++
 2 files changed, 34 insertions(+), 5 deletions(-)
 create mode 100644 src/patches/rpcbind-0.2.4-vulnerability_fixes-1.patch
diff mbox series

Patch

diff --git a/lfs/rpcbind b/lfs/rpcbind
index 046121f36..f6bd05d9c 100644
--- a/lfs/rpcbind
+++ b/lfs/rpcbind
@@ -1,7 +1,7 @@ 
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2016  IPFire Team  <info@ipfire.org>                          #
+# Copyright (C) 2007-2017   IPFire Team  <info@ipfire.org>                    #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@ 
 
 include Config
 
-VER        = 0.2.3
+VER        = 0.2.4
 
 THISAPP    = rpcbind-$(VER)
 DL_FILE    = $(THISAPP).tar.bz2
@@ -32,7 +32,7 @@  DL_FROM    = $(URL_IPFIRE)
 DIR_APP    = $(DIR_SRC)/$(THISAPP)
 TARGET     = $(DIR_INFO)/$(THISAPP)
 PROG       = rpcbind
-PAK_VER    = 2
+PAK_VER    = 3
 
 DEPS       = "libtirpc"
 
@@ -44,7 +44,7 @@  objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = c8875246b2688a1adfbd6ad43480278d
+$(DL_FILE)_MD5 = cf10cd41ed8228fc54c316191c1f07fe
 
 install : $(TARGET)
 
@@ -77,8 +77,8 @@  $(subst %,%_MD5,$(objects)) :
 $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/rpcbind-0.2.4-vulnerability_fixes-1.patch
 	cd $(DIR_APP) && sed -i "/servname/s:rpcbind:sunrpc:" src/rpcbind.c
-	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/rpcbind/rpcbind-0.2.3-tirpc_fix-1.patch
 	cd $(DIR_APP) && ./configure --prefix=/usr --bindir=/sbin --with-rpcuser=root --without-systemdsystemunitdir --disable-ipv6
 	cd $(DIR_APP) && make $(MAKETUNING) $(EXTRA_MAKE)
 	cd $(DIR_APP) && make install
diff --git a/src/patches/rpcbind-0.2.4-vulnerability_fixes-1.patch b/src/patches/rpcbind-0.2.4-vulnerability_fixes-1.patch
new file mode 100644
index 000000000..d8137d3c9
--- /dev/null
+++ b/src/patches/rpcbind-0.2.4-vulnerability_fixes-1.patch
@@ -0,0 +1,29 @@ 
+Submitted By: Ken Moffat <ken at linuxfromscratch dot org>
+Date: 2017-05-29
+Initial Package Version: 0.2.4 (also affects earlier versions)
+Upstream Status: Unknown
+Origin: Guido Vranken
+Description: Fixes CVE-2017-8779 (DOS by remote attackers - memory consumption
+without subsequent free).
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 5862c26..e11f61b 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -48,6 +48,7 @@
+ #include <rpc/rpc.h>
+ #include <rpc/rpcb_prot.h>
+ #include <rpc/svc_dg.h>
++#include <rpc/rpc_com.h>
+ #include <netconfig.h>
+ #include <errno.h>
+ #include <syslog.h>
+@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/,
+ static bool_t
+ xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
+ {
+-	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
++	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE));
+ }
+ 
+ /*