wok annotate samba/stuff/CVE-2017-7494.u @ rev 23079
updated liblinebreak and liblinebreak-dev (2.0 -> 2.1)
| author | Hans-G?nter Theisgen |
|---|---|
| date | Tue Mar 10 16:26:23 2020 +0100 (2020-03-10) |
| parents | |
| children |
| rev | line source |
|---|---|
| pascal@19962 | 1 CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside |
| pascal@19962 | 2 --- source3/rpc_server/srv_pipe.c |
| pascal@19962 | 3 +++ source3/rpc_server/srv_pipe.c |
| pascal@19962 | 4 @@ -384,6 +384,11 @@ bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax) |
| pascal@19962 | 5 { |
| pascal@19962 | 6 NTSTATUS status; |
| pascal@19962 | 7 |
| pascal@19962 | 8 + if (strchr(pipename, '/')) { |
| pascal@19962 | 9 + DEBUG(1, ("Refusing open on pipe %s\n", pipename)); |
| pascal@19962 | 10 + return false; |
| pascal@19962 | 11 + } |
| pascal@19962 | 12 + |
| pascal@19962 | 13 if (lp_disable_spoolss() && strequal(pipename, "spoolss")) { |
| pascal@19962 | 14 DEBUG(10, ("refusing spoolss access\n")); |
| pascal@19962 | 15 return false; |