mirror of
https://github.com/opnsense/src.git
synced 2026-02-23 18:00:31 -05:00
An over-long path argument to gssd_syscall could overrun the stack sockaddr_un buffer. Fix gssd_syscall to not permit that. If an over-long path is provided, gssd_syscall now returns EINVAL. It looks like PRIV_NFS_DAEMON isn't granted anywhere, so my best guess is that this is likely only triggerable by root. Reported by: Coverity CID: 1006751 Sponsored by: EMC / Isilon Storage Division |
||
|---|---|---|
| .. | ||
| krb5 | ||
| gss_accept_sec_context.c | ||
| gss_acquire_cred.c | ||
| gss_add_oid_set_member.c | ||
| gss_canonicalize_name.c | ||
| gss_create_empty_oid_set.c | ||
| gss_delete_sec_context.c | ||
| gss_display_status.c | ||
| gss_export_name.c | ||
| gss_get_mic.c | ||
| gss_impl.c | ||
| gss_import_name.c | ||
| gss_init_sec_context.c | ||
| gss_names.c | ||
| gss_pname_to_uid.c | ||
| gss_release_buffer.c | ||
| gss_release_cred.c | ||
| gss_release_name.c | ||
| gss_release_oid_set.c | ||
| gss_set_cred_option.c | ||
| gss_test_oid_set_member.c | ||
| gss_unwrap.c | ||
| gss_verify_mic.c | ||
| gss_wrap.c | ||
| gss_wrap_size_limit.c | ||
| gssapi.h | ||
| gssapi_impl.h | ||
| gssd.x | ||
| gssd_prot.c | ||
| gsstest.c | ||
| kgss_if.m | ||