WebSVN – OpenWrt – Blame – Rev 1 – /trunk/package/network/services/samba36/patches/029-CVE-2017-7494-v3-6.patch

1

office

1

From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001

2

From: Volker Lendecke <vl@samba.org>

3

Date: Mon, 8 May 2017 21:40:40 +0200

4

Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with /

5

inside

6

7

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780

8

9

Signed-off-by: Volker Lendecke <vl@samba.org>

10

Reviewed-by: Jeremy Allison <jra@samba.org>

11

Reviewed-by: Stefan Metzmacher <metze@samba.org>

12

---

13

source3/rpc_server/srv_pipe.c | 5 +++++

14

1 file changed, 5 insertions(+)

15

16

--- a/source3/rpc_server/srv_pipe.c

17

+++ b/source3/rpc_server/srv_pipe.c

18

@@ -473,6 +473,11 @@ bool is_known_pipename(const char *cli_f

pipename += 1;

}

+ if (strchr(pipename, '/')) {

23

+ DEBUG(1, ("Refusing open on pipe %s\n", pipename));

+ return false;

+ }

+

if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {

28

DEBUG(10, ("refusing spoolss access\n"));

29

return false;

OpenWrt – Blame information for rev 1