summaryrefslogtreecommitdiff
path: root/source/n/rpcbind
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2018-11-15 19:47:53 +0000
committerEric Hameleers <alien@slackware.com>2018-11-16 08:59:44 +0100
commit3a6358fa3e26f0d5263d575ff8a3065cab653365 (patch)
tree756136fab3c6d182620e48144550a5bf9bb4c943 /source/n/rpcbind
parent7b3da2adfbd73893fbd0c4ca25ecb28704220178 (diff)
downloadcurrent-3a6358fa3e26f0d5263d575ff8a3065cab653365.tar.gz
Thu Nov 15 19:47:53 UTC 201820181115194753
d/python-setuptools-40.6.2-x86_64-1.txz: Upgraded. l/python-requests-2.20.1-x86_64-1.txz: Upgraded. n/cifs-utils-6.8-x86_64-1.txz: Upgraded. n/getmail-5.8-x86_64-1.txz: Upgraded. n/nfs-utils-2.3.3-x86_64-1.txz: Upgraded. n/rpcbind-1.2.5-x86_64-1.txz: Upgraded. x/mesa-18.2.5-x86_64-1.txz: Upgraded.
Diffstat (limited to 'source/n/rpcbind')
-rw-r--r--source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch218
-rw-r--r--source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch29
-rw-r--r--source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch69
-rw-r--r--source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch96
-rw-r--r--source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch96
-rwxr-xr-xsource/n/rpcbind/rpcbind.SlackBuild17
6 files changed, 6 insertions, 519 deletions
diff --git a/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch b/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch
deleted file mode 100644
index 060614cc..00000000
--- a/source/n/rpcbind/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch
+++ /dev/null
@@ -1,218 +0,0 @@
-From 7ea36eeece56b59f98e469934e4c20b4da043346 Mon Sep 17 00:00:00 2001
-From: Doran Moppert <dmoppert@redhat.com>
-Date: Thu, 11 May 2017 11:42:54 -0400
-Subject: [PATCH 2/6] rpcbind: pair all svc_getargs() calls with svc_freeargs()
- to avoid memory leak
-
-This patch is to address CVE-2017-8779 "rpcbomb" in rpcbind, discussed
-at [1], [2], [3]. The last link suggests this issue is actually a bug
-in rpcbind, which led me here.
-
-The leak caused by the reproducer at [4] appears to come from
-rpcb_service_4(), in the case where svc_getargs() returns false and the
-function had an early return, rather than passing through the cleanup
-path at done:, as would otherwise occur.
-
-It also addresses a couple of other locations where the same fault seems
-to exist, though I haven't been able to exercise those. I hope someone
-more intimate with rpc(3) can confirm my understanding is correct, and
-that I haven't introduced any new bugs.
-
-Without this patch, using the reproducer (and variants) repeatedly
-against rpcbind with a numBytes argument of 1_000_000_000, /proc/$(pidof
-rpcbind)/status reports VmSize increase of 976564 kB each call, and
-VmRSS increase of around 260 kB every 33 calls - the specific numbers
-are probably an artifact of my rhel/glibc version. With the patch,
-there is a small (~50 kB) VmSize increase with the first message, but
-thereafter both VmSize and VmRSS remain steady.
-
-[1]: http://seclists.org/oss-sec/2017/q2/209
-[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1448124
-[3]: https://sourceware.org/ml/libc-alpha/2017-05/msg00129.html
-[4]: https://github.com/guidovranken/rpcbomb/
-
-Signed-off-by: Doran Moppert <dmoppert@redhat.com>
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/pmap_svc.c | 56 +++++++++++++++++++++++++++++++++++++++++++++---------
- src/rpcb_svc.c | 2 +-
- src/rpcb_svc_4.c | 2 +-
- src/rpcb_svc_com.c | 8 ++++++++
- 4 files changed, 57 insertions(+), 11 deletions(-)
-
-diff --git a/src/pmap_svc.c b/src/pmap_svc.c
-index 4c744fe..e926cdc 100644
---- a/src/pmap_svc.c
-+++ b/src/pmap_svc.c
-@@ -175,6 +175,7 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
- long ans;
- uid_t uid;
- char uidbuf[32];
-+ int rc = TRUE;
-
- /*
- * Can't use getpwnam here. We might end up calling ourselves
-@@ -194,7 +195,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
-
- if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
- svcerr_decode(xprt);
-- return (FALSE);
-+ rc = FALSE;
-+ goto done;
- }
- #ifdef RPCBIND_DEBUG
- if (debugging)
-@@ -205,7 +207,8 @@ pmapproc_change(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt, unsigned long
-
- if (!check_access(xprt, op, reg.pm_prog, PMAPVERS)) {
- svcerr_weakauth(xprt);
-- return (FALSE);
-+ rc = (FALSE);
-+ goto done;
- }
-
- rpcbreg.r_prog = reg.pm_prog;
-@@ -258,7 +261,16 @@ done_change:
- rpcbs_set(RPCBVERS_2_STAT, ans);
- else
- rpcbs_unset(RPCBVERS_2_STAT, ans);
-- return (TRUE);
-+done:
-+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
-+ if (debugging) {
-+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
-+ if (doabort) {
-+ rpcbind_abort();
-+ }
-+ }
-+ }
-+ return (rc);
- }
-
- /* ARGSUSED */
-@@ -272,15 +284,18 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
- #ifdef RPCBIND_DEBUG
- char *uaddr;
- #endif
-+ int rc = TRUE;
-
- if (!svc_getargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
- svcerr_decode(xprt);
-- return (FALSE);
-+ rc = FALSE;
-+ goto done;
- }
-
- if (!check_access(xprt, PMAPPROC_GETPORT, reg.pm_prog, PMAPVERS)) {
- svcerr_weakauth(xprt);
-- return FALSE;
-+ rc = FALSE;
-+ goto done;
- }
-
- #ifdef RPCBIND_DEBUG
-@@ -330,21 +345,34 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
- pmap_ipprot2netid(reg.pm_prot) ?: "<unknown>",
- port ? udptrans : "");
-
-- return (TRUE);
-+done:
-+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
-+ if (debugging) {
-+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
-+ if (doabort) {
-+ rpcbind_abort();
-+ }
-+ }
-+ }
-+ return (rc);
- }
-
- /* ARGSUSED */
- static bool_t
- pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
- {
-+ int rc = TRUE;
-+
- if (!svc_getargs(xprt, (xdrproc_t)xdr_void, NULL)) {
- svcerr_decode(xprt);
-- return (FALSE);
-+ rc = FALSE;
-+ goto done;
- }
-
- if (!check_access(xprt, PMAPPROC_DUMP, 0, PMAPVERS)) {
- svcerr_weakauth(xprt);
-- return FALSE;
-+ rc = FALSE;
-+ goto done;
- }
-
- if ((!svc_sendreply(xprt, (xdrproc_t) xdr_pmaplist_ptr,
-@@ -354,7 +382,17 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
- rpcbind_abort();
- }
- }
-- return (TRUE);
-+
-+done:
-+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) {
-+ if (debugging) {
-+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
-+ if (doabort) {
-+ rpcbind_abort();
-+ }
-+ }
-+ }
-+ return (rc);
- }
-
- int pmap_netid2ipprot(const char *netid)
-diff --git a/src/rpcb_svc.c b/src/rpcb_svc.c
-index 709e3fb..091f530 100644
---- a/src/rpcb_svc.c
-+++ b/src/rpcb_svc.c
-@@ -166,7 +166,7 @@ rpcb_service_3(struct svc_req *rqstp, SVCXPRT *transp)
- svcerr_decode(transp);
- if (debugging)
- (void) xlog(LOG_DEBUG, "rpcbind: could not decode");
-- return;
-+ goto done;
- }
-
- if (rqstp->rq_proc == RPCBPROC_SET
-diff --git a/src/rpcb_svc_4.c b/src/rpcb_svc_4.c
-index 5094879..eebbbbe 100644
---- a/src/rpcb_svc_4.c
-+++ b/src/rpcb_svc_4.c
-@@ -218,7 +218,7 @@ rpcb_service_4(struct svc_req *rqstp, SVCXPRT *transp)
- svcerr_decode(transp);
- if (debugging)
- (void) xlog(LOG_DEBUG, "rpcbind: could not decode\n");
-- return;
-+ goto done;
- }
-
- if (rqstp->rq_proc == RPCBPROC_SET
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index 5862c26..cb63afd 100644
---- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -927,6 +927,14 @@ error:
- if (call_msg.rm_xid != 0)
- (void) free_slot_by_xid(call_msg.rm_xid);
- out:
-+ if (!svc_freeargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) {
-+ if (debugging) {
-+ (void) xlog(LOG_DEBUG, "unable to free arguments\n");
-+ if (doabort) {
-+ rpcbind_abort();
-+ }
-+ }
-+ }
- if (local_uaddr)
- free(local_uaddr);
- if (buf_alloc)
---
-2.13.0
-
diff --git a/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch b/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch
deleted file mode 100644
index 6cf885ac..00000000
--- a/source/n/rpcbind/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From c49a7ea639eb700823e174fd605bbbe183e229aa Mon Sep 17 00:00:00 2001
-From: Steve Dickson <steved@redhat.com>
-Date: Wed, 17 May 2017 10:52:25 -0400
-Subject: [PATCH 3/6] pmapproc_dump: Fixed typo in memory leak patch
-
-commit 7ea36eee introduce a typo that caused
-NIS (aka ypbind) to fail.
-
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/pmap_svc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/pmap_svc.c b/src/pmap_svc.c
-index e926cdc..26c31d0 100644
---- a/src/pmap_svc.c
-+++ b/src/pmap_svc.c
-@@ -384,7 +384,7 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
- }
-
- done:
-- if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)NULL)) {
-+ if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) {
- if (debugging) {
- (void) xlog(LOG_DEBUG, "unable to free arguments\n");
- if (doabort) {
---
-2.13.0
-
diff --git a/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch b/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch
deleted file mode 100644
index f7c30794..00000000
--- a/source/n/rpcbind/0004-rpcbind-fix-building-without-enable-debug.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From c0e38c9fd1b2c6785af90c86b26a07724c2488e8 Mon Sep 17 00:00:00 2001
-From: Nick Alcock <nick.alcock@oracle.com>
-Date: Thu, 25 May 2017 12:45:35 -0400
-Subject: [PATCH 4/6] rpcbind: fix building without --enable-debug
-
-All if (debugging) stanzas and their accompanying xlog()s and aborts
-should be within #ifdef RPCBIND_DEBUG.
-
-Fixes a compilation failure due to non-inclusion of <syslog.h> in the
-non-debugging case.
-
-Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/pmap_svc.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/src/pmap_svc.c b/src/pmap_svc.c
-index 26c31d0..a53dd5f 100644
---- a/src/pmap_svc.c
-+++ b/src/pmap_svc.c
-@@ -263,12 +263,14 @@ done_change:
- rpcbs_unset(RPCBVERS_2_STAT, ans);
- done:
- if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
-+#ifdef RPCBIND_DEBUG
- if (debugging) {
- (void) xlog(LOG_DEBUG, "unable to free arguments\n");
- if (doabort) {
- rpcbind_abort();
- }
- }
-+#endif
- }
- return (rc);
- }
-@@ -347,12 +349,14 @@ pmapproc_getport(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
-
- done:
- if (!svc_freeargs(xprt, (xdrproc_t) xdr_pmap, (char *)&reg)) {
-+#ifdef RPCBIND_DEBUG
- if (debugging) {
- (void) xlog(LOG_DEBUG, "unable to free arguments\n");
- if (doabort) {
- rpcbind_abort();
- }
- }
-+#endif
- }
- return (rc);
- }
-@@ -385,12 +389,14 @@ pmapproc_dump(struct svc_req *rqstp /*__unused*/, SVCXPRT *xprt)
-
- done:
- if (!svc_freeargs(xprt, (xdrproc_t) xdr_void, (char *)NULL)) {
-+#ifdef RPCBIND_DEBUG
- if (debugging) {
- (void) xlog(LOG_DEBUG, "unable to free arguments\n");
- if (doabort) {
- rpcbind_abort();
- }
- }
-+#endif
- }
- return (rc);
- }
---
-2.13.0
-
diff --git a/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch b/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch
deleted file mode 100644
index ff42c9e4..00000000
--- a/source/n/rpcbind/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-From 7c7590ad536c0e24bef790cb1e65702fc54db566 Mon Sep 17 00:00:00 2001
-From: Steve Dickson <steved@redhat.com>
-Date: Tue, 30 May 2017 11:27:22 -0400
-Subject: [PATCH 5/6] rpcbproc_callit_com: Stop freeing a static pointer
-
-commit 7ea36ee introduced a svc_freeargs() call
-that ended up freeing static pointer.
-
-It turns out the allocations for the rmt_args
-is not necessary . The xdr routines (xdr_bytes) will
-handle the memory management and the largest
-possible message size is UDPMSGSIZE (due to UDP only)
-which is smaller than RPC_BUF_MAX
-
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/rpcb_svc_com.c | 39 ++++++---------------------------------
- 1 file changed, 6 insertions(+), 33 deletions(-)
-
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index cb63afd..1fc2229 100644
---- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -612,9 +612,9 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
- struct netconfig *nconf;
- struct netbuf *caller;
- struct r_rmtcall_args a;
-- char *buf_alloc = NULL, *outbufp;
-+ char *outbufp;
- char *outbuf_alloc = NULL;
-- char buf[RPC_BUF_MAX], outbuf[RPC_BUF_MAX];
-+ char outbuf[RPC_BUF_MAX];
- struct netbuf *na = (struct netbuf *) NULL;
- struct rpc_msg call_msg;
- int outlen;
-@@ -635,36 +635,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
- }
- if (si.si_socktype != SOCK_DGRAM)
- return; /* Only datagram type accepted */
-- sendsz = __rpc_get_t_size(si.si_af, si.si_proto, UDPMSGSIZE);
-- if (sendsz == 0) { /* data transfer not supported */
-- if (reply_type == RPCBPROC_INDIRECT)
-- svcerr_systemerr(transp);
-- return;
-- }
-- /*
-- * Should be multiple of 4 for XDR.
-- */
-- sendsz = ((sendsz + 3) / 4) * 4;
-- if (sendsz > RPC_BUF_MAX) {
--#ifdef notyet
-- buf_alloc = alloca(sendsz); /* not in IDR2? */
--#else
-- buf_alloc = malloc(sendsz);
--#endif /* notyet */
-- if (buf_alloc == NULL) {
-- if (debugging)
-- xlog(LOG_DEBUG,
-- "rpcbproc_callit_com: No Memory!\n");
-- if (reply_type == RPCBPROC_INDIRECT)
-- svcerr_systemerr(transp);
-- return;
-- }
-- a.rmt_args.args = buf_alloc;
-- } else {
-- a.rmt_args.args = buf;
-- }
-+ sendsz = UDPMSGSIZE;
-
- call_msg.rm_xid = 0; /* For error checking purposes */
-+ memset(&a, 0, sizeof(a)); /* Zero out the input buffer */
- if (!svc_getargs(transp, (xdrproc_t) xdr_rmtcall_args, (char *) &a)) {
- if (reply_type == RPCBPROC_INDIRECT)
- svcerr_decode(transp);
-@@ -704,7 +678,8 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
- if (rbl == (rpcblist_ptr)NULL) {
- #ifdef RPCBIND_DEBUG
- if (debugging)
-- xlog(LOG_DEBUG, "not found\n");
-+ xlog(LOG_DEBUG, "prog %lu vers %lu: not found\n",
-+ a.rmt_prog, a.rmt_vers);
- #endif
- if (reply_type == RPCBPROC_INDIRECT)
- svcerr_noprog(transp);
-@@ -937,8 +912,6 @@ out:
- }
- if (local_uaddr)
- free(local_uaddr);
-- if (buf_alloc)
-- free(buf_alloc);
- if (outbuf_alloc)
- free(outbuf_alloc);
- if (na) {
---
-2.13.2
-
diff --git a/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch b/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch
deleted file mode 100644
index 1a0aa6cf..00000000
--- a/source/n/rpcbind/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-From 1e2ddd4ebd7a9266e6070f275fa35752752fdfd6 Mon Sep 17 00:00:00 2001
-From: Steve Dickson <steved@redhat.com>
-Date: Tue, 30 May 2017 11:29:58 -0400
-Subject: [PATCH 6/6] rpcbproc_callit_com: No need to allocate output buffer
-
-Now that sendz is a fixed size (UDPMSGSIZE) which
-is small then RPC_BUF_MAX, no need to check the
-sendz size.
-
-Signed-off-by: Steve Dickson <steved@redhat.com>
----
- src/rpcb_svc_com.c | 33 +++++----------------------------
- 1 file changed, 5 insertions(+), 28 deletions(-)
-
-diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
-index 1fc2229..d36b090 100644
---- a/src/rpcb_svc_com.c
-+++ b/src/rpcb_svc_com.c
-@@ -612,8 +612,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
- struct netconfig *nconf;
- struct netbuf *caller;
- struct r_rmtcall_args a;
-- char *outbufp;
-- char *outbuf_alloc = NULL;
- char outbuf[RPC_BUF_MAX];
- struct netbuf *na = (struct netbuf *) NULL;
- struct rpc_msg call_msg;
-@@ -674,7 +672,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
-
- rpcbs_rmtcall(versnum - 2, reply_type, a.rmt_prog, a.rmt_vers,
- a.rmt_proc, transp->xp_netid, rbl);
--
- if (rbl == (rpcblist_ptr)NULL) {
- #ifdef RPCBIND_DEBUG
- if (debugging)
-@@ -793,24 +790,10 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
- call_msg.rm_call.cb_rpcvers = RPC_MSG_VERSION;
- call_msg.rm_call.cb_prog = a.rmt_prog;
- call_msg.rm_call.cb_vers = a.rmt_vers;
-- if (sendsz > RPC_BUF_MAX) {
--#ifdef notyet
-- outbuf_alloc = alloca(sendsz); /* not in IDR2? */
--#else
-- outbuf_alloc = malloc(sendsz);
--#endif /* notyet */
-- if (outbuf_alloc == NULL) {
-- if (reply_type == RPCBPROC_INDIRECT)
-- svcerr_systemerr(transp);
-- if (debugging)
-- xlog(LOG_DEBUG,
-- "rpcbproc_callit_com: No memory!\n");
-- goto error;
-- }
-- xdrmem_create(&outxdr, outbuf_alloc, sendsz, XDR_ENCODE);
-- } else {
-- xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE);
-- }
-+
-+ memset(outbuf, '\0', sendsz); /* Zero out the output buffer */
-+ xdrmem_create(&outxdr, outbuf, sendsz, XDR_ENCODE);
-+
- if (!xdr_callhdr(&outxdr, &call_msg)) {
- if (reply_type == RPCBPROC_INDIRECT)
- svcerr_systemerr(transp);
-@@ -875,10 +858,6 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
- goto error;
- }
- outlen = (int) XDR_GETPOS(&outxdr);
-- if (outbuf_alloc)
-- outbufp = outbuf_alloc;
-- else
-- outbufp = outbuf;
-
- na = uaddr2taddr(nconf, local_uaddr);
- if (!na) {
-@@ -887,7 +866,7 @@ rpcbproc_callit_com(struct svc_req *rqstp, SVCXPRT *transp,
- goto error;
- }
-
-- if (sendto(fd, outbufp, outlen, 0, (struct sockaddr *)na->buf, na->len)
-+ if (sendto(fd, outbuf, outlen, 0, (struct sockaddr *)na->buf, na->len)
- != outlen) {
- if (debugging)
- xlog(LOG_DEBUG,
-@@ -912,8 +891,6 @@ out:
- }
- if (local_uaddr)
- free(local_uaddr);
-- if (outbuf_alloc)
-- free(outbuf_alloc);
- if (na) {
- free(na->buf);
- free(na);
---
-2.13.2
-
diff --git a/source/n/rpcbind/rpcbind.SlackBuild b/source/n/rpcbind/rpcbind.SlackBuild
index e28a2ad8..27480223 100755
--- a/source/n/rpcbind/rpcbind.SlackBuild
+++ b/source/n/rpcbind/rpcbind.SlackBuild
@@ -24,7 +24,7 @@ cd $(dirname $0) ; CWD=$(pwd)
PKGNAM=rpcbind
VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)}
-BUILD=${BUILD:-4}
+BUILD=${BUILD:-1}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
@@ -84,19 +84,10 @@ rm -rf $PKGNAM-$VERSION
tar xvf $CWD/$PKGNAM-$VERSION.tar.?z || exit 1
cd $PKGNAM-$VERSION || exit 1
-# CVE-2017-8779
-zcat $CWD/0002-rpcbind-pair-all-svc_getargs-calls-with-svc_freeargs.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/0003-pmapproc_dump-Fixed-typo-in-memory-leak-patch.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/0004-rpcbind-fix-building-without-enable-debug.patch.gz | patch -p1 --verbose || exit 1
-
-# Fixes from git master
-zcat $CWD/0005-rpcbproc_callit_com-Stop-freeing-a-static-pointer.patch.gz | patch -p1 --verbose || exit 1
-zcat $CWD/0006-rpcbproc_callit_com-No-need-to-allocate-output-buffe.patch.gz | patch -p1 --verbose || exit 1
-
+# Local patches:
zcat $CWD/0001-man-rpcibind.8-Clarify-state-file-usage-and-history.patch | patch -p1 --verbose || exit 1
zcat $CWD/rpcbind.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1
-
# This is needed after the libwrap patch above:
autoreconf -vif || exit 1
./autogen.sh
@@ -128,6 +119,10 @@ CFLAGS="$SLKCFLAGS" \
make $NUMJOBS || make || exit 1
make install DESTDIR=$PKG || exit 1
+# Move rpcbind to /sbin:
+mv $PKG/usr/sbin/rpcbind $PKG/sbin/rpcbind
+rmdir $PKG/usr/sbin
+
# Make state directory (not really needed as rpcbind does this on startup)
mkdir -p $PKG/var/run/rpcbind
chown rpc:root $PKG/var/run/rpcbind