223eda903e
Fix Denial of Service vulnerability in named(8). [13:07] Fix a bug that allows remote client bypass the normal access checks when when -network or -host restrictions are used at the same time with -mapall. [13:08]
22 lines
742 B
Text
22 lines
742 B
Text
-----BEGIN PGP SIGNED MESSAGE-----
|
|
Hash: SHA1
|
|
|
|
Index: sys/kern/vfs_export.c
|
|
===================================================================
|
|
- --- sys/kern/vfs_export.c (revision 253367)
|
|
+++ sys/kern/vfs_export.c (working copy)
|
|
@@ -208,7 +208,7 @@
|
|
np->netc_anon = crget();
|
|
np->netc_anon->cr_uid = argp->ex_anon.cr_uid;
|
|
crsetgroups(np->netc_anon, argp->ex_anon.cr_ngroups,
|
|
- - np->netc_anon->cr_groups);
|
|
+ argp->ex_anon.cr_groups);
|
|
np->netc_anon->cr_prison = &prison0;
|
|
prison_hold(np->netc_anon->cr_prison);
|
|
np->netc_numsecflavors = argp->ex_numsecflavors;
|
|
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iEYEARECAAYFAlHzPsQACgkQFdaIBMps37J36gCgglvXt5i1cg/+gvs4mHyJ+mrj
|
|
tesAn1Qli/x2FjqbQ++FPs8qF2Sc7Rxs
|
|
=kdhf
|
|
-----END PGP SIGNATURE-----
|