This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] DoS in RPC implementation (CVE-2011-4069)

From: Jeff Law <law at redhat dot com>
To: Roland McGrath <roland at hack dot frob dot com>
Cc: libc-alpha <libc-alpha at sourceware dot org>
Date: Wed, 28 Nov 2012 11:16:51 -0700
Subject: Re: [PATCH] DoS in RPC implementation (CVE-2011-4069)
References: <50AD2EF0.1040601@redhat.com> <20121121221054.83E582C0C8@topped-with-meat.com>

On 11/21/2012 03:10 PM, Roland McGrath wrote:

--- a/sunrpc/Versions
+++ b/sunrpc/Versions
@@ -118,5 +118,6 @@ libc {
    }
    GLIBC_PRIVATE {
      __libc_clntudp_bufcreate; __libc_rpc_getport;
+    __svc_accept_failed;

[...]

--- a/sunrpc/rpc/svc.h
+++ b/sunrpc/rpc/svc.h
@@ -316,4 +316,5 @@ extern SVCXPRT *svcunix_create (int __sock, u_int __sendsize, u_int __recvsize,
__END_DECLS

+extern void __svc_accept_failed (void) attribute_hidden;

Either it's hidden or it needs to be exported, not both.

It should be hidden (I think); it doesn't need to be used by anything except the internal routines within the sunrpc code.

Here's the updated version with the patch to sunrpc/Versions eliminated.

Attachment: patch
Description: Text document

Follow-Ups:
- Re: [PATCH] DoS in RPC implementation (CVE-2011-4069)
  - From: Carlos O'Donell

References:
- [PATCH] DoS in RPC implementation (CVE-2011-4069)
  - From: Jeff Law
- Re: [PATCH] DoS in RPC implementation (CVE-2011-4069)
  - From: Roland McGrath

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]