upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-23 18:00:31 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/kgssapi
History
Conrad Meyer 9d77679a40 kgssapi(4): Don't allow user-provided arguments to overrun stack buffer 
An over-long path argument to gssd_syscall could overrun the stack sockaddr_un
buffer.  Fix gssd_syscall to not permit that.

If an over-long path is provided, gssd_syscall now returns EINVAL.

It looks like PRIV_NFS_DAEMON isn't granted anywhere, so my best guess is that
this is likely only triggerable by root.

Reported by:	Coverity
CID:		1006751
Sponsored by:	EMC / Isilon Storage Division
2016-04-20 05:02:13 +00:00
..
krb5 kcrypto_aes: Use separate sessions for AES and SHA1 2016-02-02 00:14:51 +00:00
gss_accept_sec_context.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_acquire_cred.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_add_oid_set_member.c
gss_canonicalize_name.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_create_empty_oid_set.c
gss_delete_sec_context.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_display_status.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_export_name.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_get_mic.c
gss_impl.c kgssapi(4): Don't allow user-provided arguments to overrun stack buffer 2016-04-20 05:02:13 +00:00
gss_import_name.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_init_sec_context.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_names.c
gss_pname_to_uid.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_release_buffer.c
gss_release_cred.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_release_name.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_release_oid_set.c
gss_set_cred_option.c Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gss_test_oid_set_member.c
gss_unwrap.c
gss_verify_mic.c
gss_wrap.c
gss_wrap_size_limit.c
gssapi.h
gssapi_impl.h Piete.Brooks at cl.cam.ac.uk reported via email a crash which was 2012-12-18 00:25:48 +00:00
gssd.x
gssd_prot.c
gsstest.c Place hostnames and similar information fully under the prison system. 2009-05-29 21:27:12 +00:00
kgss_if.m