patch-2.2.15 linux/net/sunrpc/svcauth.c
Next file: linux/net/unix/af_unix.c
Previous file: linux/net/sunrpc/sched.c
Back to the patch index
Back to the overall index
- Lines: 29
- Date:
Fri Apr 21 23:00:39 2000
- Orig file:
v2.2.14/net/sunrpc/svcauth.c
- Orig date:
Mon Apr 7 19:35:33 1997
diff -u --new-file --recursive --exclude-from ../../exclude v2.2.14/net/sunrpc/svcauth.c linux/net/sunrpc/svcauth.c
@@ -4,6 +4,9 @@
* The generic interface for RPC authentication on the server side.
*
* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
+ *
+ * CHANGES
+ * 19-Apr-2000 Chris Evans - Security fix
*/
#include <linux/types.h>
@@ -117,7 +120,8 @@
struct svc_buf *resp = &rqstp->rq_resbuf;
struct svc_cred *cred = &rqstp->rq_cred;
u32 *bufp = argp->buf;
- int len = argp->len, slen, i;
+ int len = argp->len;
+ u32 slen, i;
if ((len -= 3) < 0) {
*statp = rpc_garbage_args;
@@ -127,7 +131,7 @@
bufp++; /* length */
bufp++; /* time stamp */
slen = (ntohl(*bufp++) + 3) >> 2; /* machname length */
- if (slen > 64 || (len -= slen) < 0)
+ if (slen > 64 || (len -= slen + 3) < 0)
goto badcred;
bufp += slen; /* skip machname */
FUNET's LINUX-ADM group, linux-adm@nic.funet.fi
TCL-scripts by Sam Shen (who was at: slshen@lbl.gov)