diff options
| author | Simo Sorce <idra@samba.org> | 2009-01-07 09:30:00 -0500 |
|---|---|---|
| committer | Simo Sorce <idra@samba.org> | 2009-01-07 09:30:00 -0500 |
| commit | be49b5ec22ddd845d78eca7e7c2176c9d4c0aae3 (patch) | |
| tree | 3dc7c2f0a714738f3a31e6b0c646b357e5e36e72 /server/nss/nsssrv.c | |
| parent | 054321c995958ecc7f8e5a92f8d35c6a6bd6e809 (diff) | |
| download | sssd-be49b5ec22ddd845d78eca7e7c2176c9d4c0aae3.tar.gz sssd-be49b5ec22ddd845d78eca7e7c2176c9d4c0aae3.tar.xz sssd-be49b5ec22ddd845d78eca7e7c2176c9d4c0aae3.zip | |
Check size of incoming packets.
This should fix a buffer overflow waiting to be exploited :/
Diffstat (limited to 'server/nss/nsssrv.c')
| -rw-r--r-- | server/nss/nsssrv.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/server/nss/nsssrv.c b/server/nss/nsssrv.c index bd9202bdc..32ab43db1 100644 --- a/server/nss/nsssrv.c +++ b/server/nss/nsssrv.c @@ -112,7 +112,8 @@ static void client_recv(struct event_context *ev, struct cli_ctx *cctx) } if (!cctx->creq->in) { - ret = nss_packet_new(cctx->creq, 0, 0, &cctx->creq->in); + ret = nss_packet_new(cctx->creq, NSS_PACKET_MAX_RECV_SIZE, + 0, &cctx->creq->in); if (ret != EOK) { DEBUG(0, ("Failed to alloc request, aborting client!\n")); talloc_free(cctx); |