glibc/sunrpc
Florian Weimer bc779a1a5b CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call [BZ #20112]
The call is technically in a loop, and under certain circumstances
(which are quite difficult to reproduce in a test case), alloca
can be invoked repeatedly during a single call to clntudp_call.
As a result, the available stack space can be exhausted (even
though individual alloca sizes are bounded implicitly by what
can fit into a UDP packet, as a side effect of the earlier
successful send operation).
2016-05-23 20:18:34 +02:00
..
rpc Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
rpcsvc Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
auth_des.c Add #include <stdint.h> for uint[32|64]_t usage (except installed headers). 2013-05-16 11:32:54 -05:00
auth_none.c Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912). 2015-09-08 21:11:03 +00:00
auth_unix.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
authdes_prot.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
authuxprot.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
bindrsvprt.c Move bits/libc-lock.h and bits/libc-lockP.h out of bits/ (bug 14912). 2015-09-08 21:11:03 +00:00
clnt_gen.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
clnt_perr.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
clnt_raw.c Convert 69 more function definitions to prototype style (line wrap cases). 2015-10-19 21:23:47 +00:00
clnt_simp.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
clnt_tcp.c Convert 69 more function definitions to prototype style (line wrap cases). 2015-10-19 21:23:47 +00:00
clnt_udp.c CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call [BZ #20112] 2016-05-23 20:18:34 +02:00
clnt_unix.c Convert 69 more function definitions to prototype style (line wrap cases). 2015-10-19 21:23:47 +00:00
create_xid.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
des_crypt.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
des_impl.c Replace FSF snail mail address with URLs. 2012-02-09 23:18:22 +00:00
des_soft.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
etc.rpc * sunrpc/etc.rpc (fedfs_admin): Add entry. 2012-12-05 19:45:23 -07:00
get_myaddr.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
getrpcbyname_r.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
getrpcbyname.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
getrpcbynumber_r.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
getrpcbynumber.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
getrpcent_r.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
getrpcent.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
getrpcport.c Once again change RPC copyright notices. 2010-08-19 10:38:55 -07:00
key_call.c sunrpc: In key_call_keyenvoy, use int status instead of union wait 2016-03-08 10:04:24 +01:00
key_prot.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
Makefile Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
netname.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
openchild.c Remove use of INTDEF/INTUSE in libio 2012-05-24 23:06:20 +02:00
pm_getmaps.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
pm_getport.c Convert miscellaneous function definitions to prototype style. 2015-10-20 21:27:22 +00:00
pmap_clnt.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
pmap_prot2.c Convert 703 function definitions to prototype style. 2015-10-16 20:21:49 +00:00
pmap_prot.c Convert 703 function definitions to prototype style. 2015-10-16 20:21:49 +00:00
pmap_rmt.c Convert a few more function definitions to prototype style. 2015-10-21 11:57:23 +00:00
proto.h Support --with-pkgversion and --with-bugurl. 2012-11-09 22:13:45 +00:00
publickey.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
rpc_clntout.c sunrpc: fix rpc bootstrap builds 2012-07-06 00:37:42 -04:00
rpc_cmsg.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
rpc_common.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
rpc_cout.c Remove __GNU_LIBRARY__ conditionals from rpcgen. 2012-03-09 22:46:12 +00:00
rpc_dtable.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
rpc_hout.c Fix some -Wformat warnings in rpcgen. 2012-07-26 14:35:05 -07:00
rpc_main.c Document rpcgen -5. Fixes bug 15825 2013-10-21 10:02:31 +02:00
rpc_parse.c Once again change RPC copyright notices. 2010-08-19 10:38:55 -07:00
rpc_parse.h Avoid nested comment. 2010-08-24 11:56:51 -07:00
rpc_prot.c Convert 703 function definitions to prototype style. 2015-10-16 20:21:49 +00:00
rpc_sample.c Once again change RPC copyright notices. 2010-08-19 10:38:55 -07:00
rpc_scan.c Once again change RPC copyright notices. 2010-08-19 10:38:55 -07:00
rpc_scan.h Once again change RPC copyright notices. 2010-08-19 10:38:55 -07:00
rpc_svcout.c Fix some -Wformat warnings in rpcgen. 2012-07-26 14:35:05 -07:00
rpc_tblout.c Once again change RPC copyright notices. 2010-08-19 10:38:55 -07:00
rpc_thread.c sunrpc: Rewrite with explicit TLS access using __thread 2015-10-17 12:07:04 +02:00
rpc_util.c Once again change RPC copyright notices. 2010-08-19 10:38:55 -07:00
rpc_util.h Once again change RPC copyright notices. 2010-08-19 10:38:55 -07:00
rpcgen.c Use standard build rule to build rpcgen. 2012-03-10 00:56:21 +00:00
rpcinfo.c Convert 703 function definitions to prototype style. 2015-10-16 20:21:49 +00:00
rtime.c Add #include <stdint.h> for uint[32|64]_t usage (except installed headers). 2013-05-16 11:32:54 -05:00
svc_auth.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
svc_authux.c Obsolete RPC implementation in libc. 2011-04-16 21:59:36 -04:00
svc_raw.c Convert 703 function definitions to prototype style. 2015-10-16 20:21:49 +00:00
svc_run.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
svc_simple.c Fix sunrpc static library 2012-05-21 21:34:54 +02:00
svc_tcp.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
svc_udp.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
svc_unix.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
svc.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
svcauth_des.c Add #include <stdint.h> for uint[32|64]_t usage (except installed headers). 2013-05-16 11:32:54 -05:00
test-rpcent.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
thrsvc.c
tst-getmyaddr.c Update. 2004-09-28 23:08:14 +00:00
tst-xdrmem2.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
tst-xdrmem.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
Versions Exclude rpcent functions and NSS backends for rpc, key when excluding sunrpc. 2015-02-06 10:43:19 -08:00
xcrypt.c Fix sunrpc static library 2012-05-21 21:34:54 +02:00
xdr_array.c Convert miscellaneous function definitions to prototype style. 2015-10-20 21:27:22 +00:00
xdr_float.c Convert 703 function definitions to prototype style. 2015-10-16 20:21:49 +00:00
xdr_intXX_t.c Update copyright dates with scripts/update-copyrights. 2016-01-04 16:05:18 +00:00
xdr_mem.c Convert 703 function definitions to prototype style. 2015-10-16 20:21:49 +00:00
xdr_rec.c Add #include <stdint.h> for uint[32|64]_t usage (except installed headers). 2013-05-16 11:32:54 -05:00
xdr_ref.c Convert miscellaneous function definitions to prototype style. 2015-10-20 21:27:22 +00:00
xdr_sizeof.c Make sunrpc code usable again 2012-05-10 20:19:53 +02:00
xdr_stdio.c Remove use of INTDEF/INTUSE in libio 2012-05-24 23:06:20 +02:00
xdr.c Convert miscellaneous function definitions to prototype style. 2015-10-20 21:27:22 +00:00