rpms/libtirpc/F-9 libtirpc-0.1.7-taddr2uaddr-segflt.patch, NONE, 1.1 libtirpc.spec, 1.27, 1.28

Steve Dickson steved at fedoraproject.org
Mon Oct 27 17:34:26 UTC 2008 

Author: steved

Update of /cvs/pkgs/rpms/libtirpc/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1346

Modified Files:
	libtirpc.spec 
Added Files:
	libtirpc-0.1.7-taddr2uaddr-segflt.patch 
Log Message:
- Fix bad assumption taddr2uaddr processing that
  caused a segfault (bz468014)


libtirpc-0.1.7-taddr2uaddr-segflt.patch:

--- NEW FILE libtirpc-0.1.7-taddr2uaddr-segflt.patch ---
commit 338af7f9f00e096b65a6d823f885c4eeaf1d1f8c
Author: Steve Dickson <steved at redhat.com>
Date:   Mon Oct 27 12:46:54 2008 -0400

    __rpc_taddr2uaddr_af() assumes the netbuf to always have a
    non-zero data. This is a bad assumption and can lead to a
    seg-fault. This patch adds a check for zero length and returns
    NULL when found.
    
    Signed-off-by: Steve Dickson <steved at redhat.com>

diff --git a/src/rpc_generic.c b/src/rpc_generic.c
index 3aad018..27de254 100644
--- a/src/rpc_generic.c
+++ b/src/rpc_generic.c
@@ -603,6 +603,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf)
 #endif
 	u_int16_t port;
 
+	if (nbuf->len <= 0)
+		return NULL;
+
 	switch (af) {
 	case AF_INET:
 		sin = nbuf->buf;


Index: libtirpc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libtirpc/F-9/libtirpc.spec,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- libtirpc.spec	16 Sep 2008 18:11:48 -0000	1.27
+++ libtirpc.spec	27 Oct 2008 17:33:56 -0000	1.28
@@ -1,6 +1,6 @@
 Name:		   libtirpc
 Version:		0.1.7
-Release:		19%{?dist}
+Release:		20%{?dist}
 Summary:		Transport Independent RPC Library
 Group:		  	System Environment/Libraries
 License:		GPL
@@ -52,6 +52,7 @@
 Patch20: libtirpc-0.1.7-rpc_getbroadifs-typo.patch
 Patch21: libtirpc-0.1.7-taddr2addr-typo.patch
 Patch22: libtirpc-0.1.7-warnings.patch
+Patch23: libtirpc-0.1.7-taddr2uaddr-segflt.patch
 
 Patch100: libtirpc-0.1.7-compile.patch
 
@@ -84,6 +85,7 @@
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
+%patch23 -p1
 
 %patch100	-p1
 
@@ -186,6 +188,10 @@
 %{_mandir}/*/*
 
 %changelog
+* Mon Oct 27 2008 Steve Dickson  <steved at redhat.com> 0.1.7-20
+- Fix bad assumption taddr2uaddr processing that
+  caused a segfault (bz468014)
+
 * Tue Sep 16 2008 Steve Dickson  <steved at redhat.com> 0.1.7-19
 - Added super-H(sh3,sh4) architecture support
 - Updated COPYING with new license agreement

More information about the scm-commits mailing list