Commit d42eed4a authored Feb 27, 2017 by Florian Weimer

sunrpc: Avoid use-after-free read access in clntudp_call [BZ #21115]

After commit bc779a1a
(CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call
[BZ #20112]), ancillary data is stored on the heap,
but it is accessed after it has been freed.

The test case must be run under a heap debugger such as valgrind
to observe the invalid access.  A malloc implementation which
immediately calls munmap on free would catch this bug as well.

parent 963394a2

Show whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 55df1000
· Aug 18, 2019

mentioned in commit 55df1000

mentioned in commit 55df1000167b0143106e063f23159515d0c9c61c

Toggle commit list
mirror @mirror
mentioned in commit 045e3687
· Aug 18, 2019

mentioned in commit 045e3687

mentioned in commit 045e368799cd253ddbf8bdec42ed92e8ebb3ce67

Toggle commit list
mirror @mirror
mentioned in commit 36f173ab
· Aug 18, 2019

mentioned in commit 36f173ab

mentioned in commit 36f173ab3709b4a920a833b9af67f30bcba1ea01

Toggle commit list
mirror @mirror
mentioned in commit 9d0aec23
· Aug 18, 2019

mentioned in commit 9d0aec23

mentioned in commit 9d0aec236891576c7f12e935128364669b785233

Toggle commit list

Please register or to comment