wok diff samba/stuff/CVE-2017-7494.u @ rev 20912
updated fbcat (0.3 -> 0.5.1)
| author | Hans-G?nter Theisgen |
|---|---|
| date | Thu Feb 28 14:53:30 2019 +0100 (2019-02-28) |
| parents | |
| children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/samba/stuff/CVE-2017-7494.u Thu Feb 28 14:53:30 2019 +0100 1.3 @@ -0,0 +1,15 @@ 1.4 +CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside 1.5 +--- source3/rpc_server/srv_pipe.c 1.6 ++++ source3/rpc_server/srv_pipe.c 1.7 +@@ -384,6 +384,11 @@ bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax) 1.8 + { 1.9 + NTSTATUS status; 1.10 + 1.11 ++ if (strchr(pipename, '/')) { 1.12 ++ DEBUG(1, ("Refusing open on pipe %s\n", pipename)); 1.13 ++ return false; 1.14 ++ } 1.15 ++ 1.16 + if (lp_disable_spoolss() && strequal(pipename, "spoolss")) { 1.17 + DEBUG(10, ("refusing spoolss access\n")); 1.18 + return false;