# HG changeset patch
# User Pascal Bellard <pascal.bellard@slitaz.org>
# Date 1496074484 -7200
# Node ID 72f9047facbad8e82ed4d13f28400763f3556b6f
# Parent  29880ea81c0533f9988d8d82ec8145758df6751f
samba: CVE-2017-7494

diff -r 29880ea81c05 -r 72f9047facba samba/receipt
--- a/samba/receipt	Sun May 28 19:09:06 2017 +0200
+++ b/samba/receipt	Mon May 29 18:14:44 2017 +0200
@@ -22,6 +22,7 @@
 # Rules to configure and make the package.
 compile_rules()
 {
+	patch -p0 < $stuff/CVE-2017-7494.u
 	cd $src/source3
 	./configure --prefix=/usr --infodir=/usr/share/info \
 	--with-piddir=/var/run/samba --with-lockdir=/var/run/samba \
diff -r 29880ea81c05 -r 72f9047facba samba/stuff/CVE-2017-7494.u
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/samba/stuff/CVE-2017-7494.u	Mon May 29 18:14:44 2017 +0200
@@ -0,0 +1,15 @@
+CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside
+--- source3/rpc_server/srv_pipe.c
++++ source3/rpc_server/srv_pipe.c
+@@ -384,6 +384,11 @@ bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax)
+ {
+ 	NTSTATUS status;
+ 
++	if (strchr(pipename, '/')) {
++		DEBUG(1, ("Refusing open on pipe %s\n", pipename));
++		return false;
++	}
++
+ 	if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
+ 		DEBUG(10, ("refusing spoolss access\n"));
+ 		return false;