From: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
To: buildroot@busybox.net
Subject: [Buildroot] [PATCH] rpcbind: Backport fixes to memory leak security fix
Date: Thu, 18 Jan 2018 22:10:13 +0100 [thread overview]
Message-ID: <20180118221013.5e56941e@windsurf.lan> (raw)
In-Reply-To: <20180118180531.8149-1-ed.blake@sondrel.com>
Hello,
On Thu, 18 Jan 2018 18:05:31 +0000, Ed Blake wrote:
> Commit 954509f added a security fix for CVE-2017-8779, involving
> pairing all svc_getargs() calls with svc_freeargs() to avoid a memory
> leak. However it also introduced a couple of issues:
>
> - The call to svc_freeargs() from rpcbproc_callit_com() may result in
> an attempt to free static memory, resulting in undefined behaviour.
>
> - A typo in the svc_freeargs() call from pmapproc_dump() causes NIS
> (aka ypbind) to fail.
>
> Backport upstream fixes for these issues to version 0.2.3.
>
> Change-Id: Ib6cb19d51c0ae682e3868593ef78edea4ef587be
> Signed-off-by: Ed Blake <ed.blake@sondrel.com>
> ---
> ..._callit_com-Stop-freeing-a-static-pointer.patch | 98 ++++++++++++++++++++++
> ...proc_dump-Fixed-typo-in-memory-leak-patch.patch | 31 +++++++
> 2 files changed, 129 insertions(+)
> create mode 100644 package/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch
> create mode 100644 package/rpcbind/0006-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch
Applied to master, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
next prev parent reply other threads:[~2018-01-18 21:10 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-18 18:05 [Buildroot] [PATCH] rpcbind: Backport fixes to memory leak security fix Ed Blake
2018-01-18 21:10 ` Thomas Petazzoni [this message]
2018-01-21 20:28 ` Peter Korsgaard
2018-01-31 7:51 ` Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180118221013.5e56941e@windsurf.lan \
--to=thomas.petazzoni@free-electrons.com \
--cc=buildroot@busybox.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox