[src/trunk]: src/usr.sbin/rpcbind Limit size of buffer:

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/cded2e51c252
branches:  trunk
changeset: 823704:cded2e51c252
user:      christos <christos%NetBSD.org@localhost>
date:      Wed May 03 21:28:00 2017 +0000

description:
Limit size of buffer:
https://github.com/guidovranken/rpcbomb/blob/master/rpcbind_patch.txt
XXX: pullup-7

diffstat:

 usr.sbin/rpcbind/rpcb_svc_com.c |  6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diffs (27 lines):

diff -r 3cc4e308ce63 -r cded2e51c252 usr.sbin/rpcbind/rpcb_svc_com.c
--- a/usr.sbin/rpcbind/rpcb_svc_com.c   Wed May 03 20:12:19 2017 +0000
+++ b/usr.sbin/rpcbind/rpcb_svc_com.c   Wed May 03 21:28:00 2017 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: rpcb_svc_com.c,v 1.18 2015/11/10 18:04:51 christos Exp $       */
+/*     $NetBSD: rpcb_svc_com.c,v 1.19 2017/05/03 21:28:00 christos Exp $       */
 
 /*
  * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
@@ -45,6 +45,7 @@
 #include <sys/socket.h>
 #include <rpc/rpc.h>
 #include <rpc/rpcb_prot.h>
+#include <rpc/rpc_com.h>
 #include <netconfig.h>
 #include <errno.h>
 #include <syslog.h>
@@ -421,7 +422,8 @@
 static bool_t
 xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
 {
-       return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
+       return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen),
+           RPC_MAXDATASIZE));
 }
 
 /*