[src/netbsd-1-4]: src/usr.sbin/amd/amd pull up rev 1.8 from trunk (requested ...

[cgd <cgd%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/63f40d96c704
branches:  netbsd-1-4
changeset: 469432:63f40d96c704
user:      cgd <cgd%NetBSD.org@localhost>
date:      Tue Sep 21 04:55:34 1999 +0000

description:
pull up rev 1.8 from trunk (requested by christos):
  Upgrade amd(8) and related software to fix expoitable stack overflows
  in amq(8), as reported in BUGTRAQ and elsewhere.

diffstat:

 usr.sbin/amd/amd/nfs_prot_svc.c |  25 +++++++++++++++++++++++--
 1 files changed, 23 insertions(+), 2 deletions(-)

diffs (46 lines):

diff -r 94444557d396 -r 63f40d96c704 usr.sbin/amd/amd/nfs_prot_svc.c
--- a/usr.sbin/amd/amd/nfs_prot_svc.c   Tue Sep 21 04:55:25 1999 +0000
+++ b/usr.sbin/amd/amd/nfs_prot_svc.c   Tue Sep 21 04:55:34 1999 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: nfs_prot_svc.c,v 1.7 1999/02/01 19:05:10 christos Exp $        */
+/*     $NetBSD: nfs_prot_svc.c,v 1.7.2.1 1999/09/21 04:55:34 cgd Exp $ */
 
 /*
  * Copyright (c) 1997-1999 Erez Zadok
@@ -40,7 +40,7 @@
  *
  *      %W% (Berkeley) %G%
  *
- * Id: nfs_prot_svc.c,v 1.3 1999/01/13 23:30:59 ezk Exp 
+ * Id: nfs_prot_svc.c,v 1.4 1999/08/22 21:12:30 ezk Exp 
  *
  */
 
@@ -100,6 +100,27 @@
   char *result;
   xdrproc_t xdr_argument, xdr_result;
   nfssvcproc_t local;
+  struct sockaddr_in *sinp;
+  char dq[20], dq2[28];
+
+  sinp = amu_svc_getcaller(rqstp->rq_xprt);
+#ifdef MNT2_NFS_OPT_RESVPORT
+  /* Verify that the request comes from a reserved port */
+  if (ntohs(sinp->sin_port) >= IPPORT_RESERVED) {
+    plog(XLOG_WARNING, "ignoring request from %s:%u, port not reserved",
+        inet_dquad(dq, sinp->sin_addr.s_addr),
+        ntohs(sinp->sin_port));
+    return;
+  }
+#endif /* MNT2_NFS_OPT_RESVPORT */
+  /* if the address does not match, ignore the request */
+  if (sinp->sin_addr.s_addr && sinp->sin_addr.s_addr != myipaddr.s_addr) {
+    plog(XLOG_WARNING, "ignoring request from %s:%u, expected %s",
+        inet_dquad(dq, sinp->sin_addr.s_addr),
+        ntohs(sinp->sin_port),
+        inet_dquad(dq2, myipaddr.s_addr));
+    return;
+  }
 
   nfs_program_2_transp = NULL;