CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit
kgssapi(4): Don't allow user-provided arguments to overrun stack buffer
author     cem <cem@FreeBSD.org>
           Wed, 20 Apr 2016 05:02:13 +0000 (05:02 +0000)
committer  cem <cem@FreeBSD.org>
           Wed, 20 Apr 2016 05:02:13 +0000 (05:02 +0000)
commit     62fb6917238c65fe51b0be78a160203b02921685
tree       fe4359b517bf65a46730800e526cdd5c817d0ca7
parent     3a5e520024b3e85dc738a50fe40da3ef45a6d022
kgssapi(4): Don't allow user-provided arguments to overrun stack buffer

An over-long path argument to gssd_syscall could overrun the stack sockaddr_un
buffer.  Fix gssd_syscall to not permit that.

If an over-long path is provided, gssd_syscall now returns EINVAL.

It looks like PRIV_NFS_DAEMON isn't granted anywhere, so my best guess is that
this is likely only triggerable by root.

Reported by: Coverity
CID: 1006751
Sponsored by: EMC / Isilon Storage Division
sys/kgssapi/gss_impl.c
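
The class of check the commit message describes, as an added userland example (not the code from this commit or from gss_impl.c): a caller-supplied path is validated against the size of `sun_path` before it is copied, and over-long input gets EINVAL. The names `fill_unix_addr` and `try_length` are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/*
 * Hypothetical helper: build an AF_UNIX address from a caller-supplied path.
 * The path may come from a buffer far larger than sun_path (about 100 bytes),
 * so an unchecked strcpy() into sun_path could write past the stack struct.
 */
int
fill_unix_addr(struct sockaddr_un *sun, const char *path)
{
	size_t len = strlen(path);

	/* Reject anything that does not fit together with its NUL terminator. */
	if (len + 1 > sizeof(sun->sun_path))
		return (EINVAL);

	memset(sun, 0, sizeof(*sun));
	sun->sun_family = AF_UNIX;
	memcpy(sun->sun_path, path, len + 1);
	return (0);
}

/* Constructed input: a path of exactly n characters, passed to the helper. */
int
try_length(size_t n)
{
	struct sockaddr_un sun;
	char buf[1024];

	if (n == 0 || n >= sizeof(buf))
		return (-1);
	memset(buf, 'a', n);
	buf[0] = '/';
	buf[n] = '\0';
	return (fill_unix_addr(&sun, buf));
}

int
main(void)
{
	printf("18-byte path   -> %d\n", try_length(18));
	printf("1000-byte path -> %d (EINVAL is %d)\n", try_length(1000), EINVAL);
	return (0);
}
```

The boundary is the case worth testing: a path of `sizeof(sun_path) - 1` characters fits with its terminator, and one more character must be rejected.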