glibc/include/rpc
Stefan Liebler 4b2e40a925 Handle out-of-memory case in svc_tcp.c/svc_unix.c:rendezvous_request.
If glibc is build with -O3 on at least 390 (-m31) or x86 (-m32),
gcc 11 dumps this warning:
svc_tcp.c: In function 'rendezvous_request':
svc_tcp.c:274:3: error: 'memcpy' offset [0, 15] is out of the bounds [0, 0] [-Werror=array-bounds]
  274 |   memcpy (&xprt->xp_raddr, &addr, sizeof (addr));
      |   ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors

In out-of-memory case, if one of the mallocs in makefd_xprt function
returns NULL, a message is dumped, makefd_xprt returns NULL
and the subsequent memcpy would copy to NULL.

Instead of a segfaulting, we delay a bit (see also __svc_accept_failed
and Bug 14889 (CVE-2011-4609) - svc_run() produces high cpu usage when
accept() fails with EMFILE (CVE-2011-4609).

The same applies to svc_unix.c.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-12-10 11:11:20 +01:00
..
auth_des.h Remove --enable-obsolete-nsl configure flag 2020-07-08 17:25:57 +02:00
auth_unix.h
auth.h Remove --enable-obsolete-nsl configure flag 2020-07-08 17:25:57 +02:00
clnt.h
des_crypt.h
key_prot.h
netdb.h nss_files: Consolidate line parse declarations in <nss_files.h> 2020-07-21 07:33:20 +02:00
pmap_clnt.h
pmap_prot.h
pmap_rmt.h
rpc_msg.h
rpc.h
svc_auth.h
svc.h Handle out-of-memory case in svc_tcp.c/svc_unix.c:rendezvous_request. 2020-12-10 11:11:20 +01:00
types.h
xdr.h