Page MenuHomeFreeBSD
Differential D6623

Bounds check rpcbs_rmtcall(..) to ensure rtype is less than RPCBVERS_STAT
ClosedPublic
Actions

Authored by ngie on May 29 2016, 6:43 AM.
Tags
None
Referenced Files
Unknown Object (File)
Jan 5 2024, 6:28 PM
Unknown Object (File)
Dec 23 2023, 5:06 AM
Unknown Object (File)
Oct 2 2023, 8:48 PM
Unknown Object (File)
Aug 10 2023, 3:18 PM
Unknown Object (File)
Apr 26 2023, 3:48 PM
Unknown Object (File)
Apr 8 2023, 9:16 PM
Unknown Object (File)
Dec 21 2022, 6:39 AM
Unknown Object (File)
Nov 28 2022, 2:01 PM
View All 14 Files
Subscribers
alfred
imp
markj
rmacklem
truckman

Details

Reviewers
truckman
Summary

Bounds check rpcbs_rmtcall(..) to ensure rtype is less than RPCBVERS_STAT

Not returning if rtype == RPCBVERS_STAT will cause us to overrun the inf array, as
it's defined to be exactly RPCBVERS_STAT elements in rpcb_prot.x:

include/rpc/rpcb_prot.x:typedef rpcb_stat rpcb_stat_byvers[RPCBVERS_STAT];

The proposed change also matches the rest of the rtype upper bound checks in the
file, so the original change was likely a typo.

MFC after: 2 weeks
Reported by: Coverity
CID: 1007567
Sponsored by: EMC / Isilon Storage Division

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

ngie updated this revision to Diff 17054.May 29 2016, 6:43 AM
ngie retitled this revision from to Bounds check rpcbs_rmtcall(..) to ensure rtype is less than RPCBVERS_STAT.
ngie updated this object.
ngie edited the test plan for this revision. (Show Details)
ngie set the repository for this revision to rS FreeBSD src repository - subversion.
ngie added subscribers: alfred, truckman, markj, rmacklem.
Herald added a subscriber: imp. · View Herald TranscriptMay 29 2016, 6:43 AM
truckman added a comment.May 30 2016, 8:59 PM

That looks correct to me.

truckman accepted this revision.May 30 2016, 9:00 PM
truckman added a reviewer: truckman.
This revision is now accepted and ready to land.May 30 2016, 9:00 PM
ngie closed this revision.Jun 8 2016, 12:45 PM

Revision Contents
Changeset List

PathSize
2 lines

Diff 17054

View Options

rpcb_stat.c

Loading...