wok diff samba/stuff/CVE-2017-7494.u @ rev 25279
updated rfkill (0.5 -> 1.0)
author | Hans-G?nter Theisgen |
---|---|
date | Mon Jul 18 15:03:30 2022 +0100 (2022-07-18) |
parents | |
children |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/samba/stuff/CVE-2017-7494.u Mon Jul 18 15:03:30 2022 +0100 1.3 @@ -0,0 +1,15 @@ 1.4 +CVE-2017-7494: rpc_server3: Refuse to open pipe names with / inside 1.5 +--- source3/rpc_server/srv_pipe.c 1.6 ++++ source3/rpc_server/srv_pipe.c 1.7 +@@ -384,6 +384,11 @@ bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax) 1.8 + { 1.9 + NTSTATUS status; 1.10 + 1.11 ++ if (strchr(pipename, '/')) { 1.12 ++ DEBUG(1, ("Refusing open on pipe %s\n", pipename)); 1.13 ++ return false; 1.14 ++ } 1.15 ++ 1.16 + if (lp_disable_spoolss() && strequal(pipename, "spoolss")) { 1.17 + DEBUG(10, ("refusing spoolss access\n")); 1.18 + return false;