]> git.decadent.org.uk Git - nfs-utils.git/commit
projects / nfs-utils.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: aa2d7a1) | patch
2006-04-10 NeilBrown <neilb@suse.de>
authorneilbrown <neilbrown>
Mon, 10 Apr 2006 09:57:17 +0000 (09:57 +0000)
committerneilbrown <neilbrown>
Mon, 10 Apr 2006 09:57:17 +0000 (09:57 +0000)
commit660809fe7e597520d17deab9225f1b371c08d65c
treeb0da1b809f0f3ca6fac54b662486440998f9cea3tree | snapshot
parentaa2d7a1e352a6c2190452ebc3c638b66a2cf6f9bcommit | diff
2006-04-10 NeilBrown <neilb@suse.de>
Various paranoia checks:
gssd_proc.c: pass max_field sizes to sscanf to avoid buffer
  overflow
svcgssd_proc.c: range_check name.length, to ensure name.length+1
  doesn't wrap
idmapd.c(nfsdcb): make sure at least one byte is read before
 zeroing the last byte that was read, otherwise memory corruption
 is possible.

Found by SuSE security audit.
ChangeLog diff | blob | history
utils/gssd/gssd_proc.c diff | blob | history
utils/gssd/svcgssd_proc.c diff | blob | history
utils/idmapd/idmapd.c diff | blob | history
Debian package of nfs-utils