Compare commits
No commits in common. "c8-beta" and "c8s" have entirely different histories.
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
SOURCES/libtirpc-1.1.4.tar.bz2
|
SOURCES/libtirpc-1.1.4.tar.bz2
|
||||||
|
/libtirpc-1.1.4.tar.bz2
|
||||||
|
@ -1 +0,0 @@
|
|||||||
d85717035cb9bd6c45557a1eb1351d3af9a69ff7 SOURCES/libtirpc-1.1.4.tar.bz2
|
|
6
gating.yaml
Normal file
6
gating.yaml
Normal file
@ -0,0 +1,6 @@
|
|||||||
|
--- !Policy
|
||||||
|
product_versions:
|
||||||
|
- rhel-8
|
||||||
|
decision_context: osci_compose_gate
|
||||||
|
rules:
|
||||||
|
- !PassingTestCaseRule {test_case_name: osci.brew-build.revdeps.integration}
|
32
libtirpc-1.1.4-double-free.patch
Normal file
32
libtirpc-1.1.4-double-free.patch
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
commit 1d2e10afb2ffc35cb3623f57a15f712359f18e75
|
||||||
|
Author: Herb Wartens <wartens2@llnl.gov>
|
||||||
|
Date: Tue Aug 1 10:36:16 2023 -0400
|
||||||
|
|
||||||
|
rpcb_clnt.c: Eliminate double frees in delete_cache()
|
||||||
|
|
||||||
|
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2224666
|
||||||
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
||||||
|
|
||||||
|
diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
|
||||||
|
index c0a9e12..68fe69a 100644
|
||||||
|
--- a/src/rpcb_clnt.c
|
||||||
|
+++ b/src/rpcb_clnt.c
|
||||||
|
@@ -262,12 +262,15 @@ delete_cache(addr)
|
||||||
|
for (cptr = front; cptr != NULL; cptr = cptr->ac_next) {
|
||||||
|
if (!memcmp(cptr->ac_taddr->buf, addr->buf, addr->len)) {
|
||||||
|
/* Unlink from cache. We'll destroy it after releasing the mutex. */
|
||||||
|
- if (cptr->ac_uaddr)
|
||||||
|
+ if (cptr->ac_uaddr) {
|
||||||
|
free(cptr->ac_uaddr);
|
||||||
|
- if (prevptr)
|
||||||
|
+ cptr->ac_uaddr = NULL;
|
||||||
|
+ }
|
||||||
|
+ if (prevptr) {
|
||||||
|
prevptr->ac_next = cptr->ac_next;
|
||||||
|
- else
|
||||||
|
+ } else {
|
||||||
|
front = cptr->ac_next;
|
||||||
|
+ }
|
||||||
|
cachesize--;
|
||||||
|
break;
|
||||||
|
}
|
185
libtirpc-1.1.4-ip_local_reserved_ports.patch
Normal file
185
libtirpc-1.1.4-ip_local_reserved_ports.patch
Normal file
@ -0,0 +1,185 @@
|
|||||||
|
From 20148930201b732c5dd1003933dd70543d3e929d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Otto Hollmann <otto.hollmann@suse.com>
|
||||||
|
Date: Sat, 7 Oct 2023 03:48:22 -0400
|
||||||
|
Subject: [PATCH] binddynport.c honor ip_local_reserved_ports
|
||||||
|
|
||||||
|
Read reserved ports from /proc/sys/net/ipv4/ip_local_reserved_ports,
|
||||||
|
store them into bit-wise array and before binding to random port check
|
||||||
|
if port is not reserved.
|
||||||
|
|
||||||
|
Currently, there is no way how to reserve ports so then will not be
|
||||||
|
used by rpcbind.
|
||||||
|
|
||||||
|
Random ports are opened by rpcbind because of rmtcalls. There is
|
||||||
|
compile-time flag for disabling them, but in some cases we can not
|
||||||
|
simply disable them.
|
||||||
|
|
||||||
|
One solution would be run time option --enable-rmtcalls as already
|
||||||
|
discussed, but it was rejected. So if we want to keep rmtcalls enabled
|
||||||
|
and also be able to reserve some ports, there is no other way than
|
||||||
|
filtering available ports. The easiest and clearest way seems to be
|
||||||
|
just respect kernel list of ip_reserved_ports.
|
||||||
|
|
||||||
|
Unfortunately there is one known disadvantage/side effect - it affects
|
||||||
|
probability of ports which are right after reserved ones. The bigger
|
||||||
|
reserved block is, the higher is probability of selecting following
|
||||||
|
unreserved port. But if there is no reserved port, impact of this patch
|
||||||
|
is minimal/none.
|
||||||
|
|
||||||
|
Signed-off-by: Otto Hollmann <otto.hollmann@suse.com>
|
||||||
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
||||||
|
---
|
||||||
|
src/binddynport.c | 108 ++++++++++++++++++++++++++++++++++++++++++----
|
||||||
|
1 file changed, 100 insertions(+), 8 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/binddynport.c b/src/binddynport.c
|
||||||
|
index 062629a..c2e9a20 100644
|
||||||
|
--- a/src/binddynport.c
|
||||||
|
+++ b/src/binddynport.c
|
||||||
|
@@ -37,6 +37,7 @@
|
||||||
|
#include <unistd.h>
|
||||||
|
#include <errno.h>
|
||||||
|
#include <string.h>
|
||||||
|
+#include <syslog.h>
|
||||||
|
|
||||||
|
#include <rpc/rpc.h>
|
||||||
|
|
||||||
|
@@ -56,6 +57,84 @@ enum {
|
||||||
|
NPORTS = ENDPORT - LOWPORT + 1,
|
||||||
|
};
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * This function decodes information about given port from provided array and
|
||||||
|
+ * return if port is reserved or not.
|
||||||
|
+ *
|
||||||
|
+ * @reserved_ports an array of size at least "NPORTS / (8*sizeof(char)) + 1".
|
||||||
|
+ * @port port number within range LOWPORT and ENDPORT
|
||||||
|
+ *
|
||||||
|
+ * Returns 0 if port is not reserved, non-negative if port is reserved.
|
||||||
|
+ */
|
||||||
|
+static int is_reserved(char *reserved_ports, int port) {
|
||||||
|
+ port -= LOWPORT;
|
||||||
|
+ if (port < 0 || port >= NPORTS)
|
||||||
|
+ return 0;
|
||||||
|
+ return reserved_ports[port/(8*sizeof(char))] & 1<<(port%(8*sizeof(char)));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * This function encodes information about given *reserved* port into provided
|
||||||
|
+ * array. Don't call this function for ports which are not reserved.
|
||||||
|
+ *
|
||||||
|
+ * @reserved_ports an array of size at least "NPORTS / (8*sizeof(char)) + 1".
|
||||||
|
+ * @port port number within range LOWPORT and ENDPORT
|
||||||
|
+ *
|
||||||
|
+ */
|
||||||
|
+static void set_reserved(char *reserved_ports, int port) {
|
||||||
|
+ port -= LOWPORT;
|
||||||
|
+ if (port < 0 || port >= NPORTS)
|
||||||
|
+ return;
|
||||||
|
+ reserved_ports[port/(8*sizeof(char))] |= 1<<(port%(8*sizeof(char)));
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
+/*
|
||||||
|
+ * Parse local reserved ports obtained from
|
||||||
|
+ * /proc/sys/net/ipv4/ip_local_reserved_ports into bit array.
|
||||||
|
+ *
|
||||||
|
+ * @reserved_ports a zeroed array of size at least
|
||||||
|
+ * "NPORTS / (8*sizeof(char)) + 1". Will be used for bit-wise encoding of
|
||||||
|
+ * reserved ports.
|
||||||
|
+ *
|
||||||
|
+ * On each call, reserved ports are read from /proc and bit-wise stored into
|
||||||
|
+ * provided array
|
||||||
|
+ *
|
||||||
|
+ * Returns 0 on success, -1 on failure.
|
||||||
|
+ */
|
||||||
|
+
|
||||||
|
+static int parse_reserved_ports(char *reserved_ports) {
|
||||||
|
+ int from=0, to;
|
||||||
|
+ char delimiter = ',';
|
||||||
|
+ int res;
|
||||||
|
+ FILE * file_ptr = fopen("/proc/sys/net/ipv4/ip_local_reserved_ports","r");
|
||||||
|
+ if (file_ptr == NULL) {
|
||||||
|
+ (void) syslog(LOG_ERR,
|
||||||
|
+ "Unable to open open /proc/sys/net/ipv4/ip_local_reserved_ports.");
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+ do {
|
||||||
|
+ if ((res = fscanf(file_ptr, "%d", &to)) != 1) {
|
||||||
|
+ if (res == EOF) break;
|
||||||
|
+ goto err;
|
||||||
|
+ }
|
||||||
|
+ if (delimiter != '-') {
|
||||||
|
+ from = to;
|
||||||
|
+ }
|
||||||
|
+ for (int i = from; i <= to; ++i) {
|
||||||
|
+ set_reserved(reserved_ports, i);
|
||||||
|
+ }
|
||||||
|
+ } while ((res = fscanf(file_ptr, "%c", &delimiter)) == 1);
|
||||||
|
+ if (res != EOF)
|
||||||
|
+ goto err;
|
||||||
|
+ fclose(file_ptr);
|
||||||
|
+ return 0;
|
||||||
|
+err:
|
||||||
|
+ (void) syslog(LOG_ERR,
|
||||||
|
+ "An error occurred while parsing ip_local_reserved_ports.");
|
||||||
|
+ fclose(file_ptr);
|
||||||
|
+ return -1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Bind a socket to a dynamically-assigned IP port.
|
||||||
|
*
|
||||||
|
@@ -81,7 +160,8 @@ int __binddynport(int fd)
|
||||||
|
in_port_t port, *portp;
|
||||||
|
struct sockaddr *sap;
|
||||||
|
socklen_t salen;
|
||||||
|
- int i, res;
|
||||||
|
+ int i, res, array_size;
|
||||||
|
+ char *reserved_ports = NULL;
|
||||||
|
|
||||||
|
if (__rpc_sockisbound(fd))
|
||||||
|
return 0;
|
||||||
|
@@ -119,21 +199,33 @@ int __binddynport(int fd)
|
||||||
|
gettimeofday(&tv, NULL);
|
||||||
|
seed = tv.tv_usec * getpid();
|
||||||
|
}
|
||||||
|
+ array_size = NPORTS / (8*sizeof(char)) + 1;
|
||||||
|
+ reserved_ports = malloc(array_size);
|
||||||
|
+ if (!reserved_ports) {
|
||||||
|
+ goto out;
|
||||||
|
+ }
|
||||||
|
+ memset(reserved_ports, 0, array_size);
|
||||||
|
+ if (parse_reserved_ports(reserved_ports) < 0)
|
||||||
|
+ goto out;
|
||||||
|
+
|
||||||
|
port = (rand_r(&seed) % NPORTS) + LOWPORT;
|
||||||
|
for (i = 0; i < NPORTS; ++i) {
|
||||||
|
- *portp = htons(port++);
|
||||||
|
- res = bind(fd, sap, salen);
|
||||||
|
- if (res >= 0) {
|
||||||
|
- res = 0;
|
||||||
|
- break;
|
||||||
|
+ *portp = htons(port);
|
||||||
|
+ if (!is_reserved(reserved_ports, port++)) {
|
||||||
|
+ res = bind(fd, sap, salen);
|
||||||
|
+ if (res >= 0) {
|
||||||
|
+ res = 0;
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ if (errno != EADDRINUSE)
|
||||||
|
+ break;
|
||||||
|
}
|
||||||
|
- if (errno != EADDRINUSE)
|
||||||
|
- break;
|
||||||
|
if (port > ENDPORT)
|
||||||
|
port = LOWPORT;
|
||||||
|
}
|
||||||
|
|
||||||
|
out:
|
||||||
|
+ free(reserved_ports);
|
||||||
|
mutex_unlock(&port_lock);
|
||||||
|
return res;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.40.1
|
||||||
|
|
23
libtirpc-1.1.4-null-ptrs-not-reused-fixed.patch
Normal file
23
libtirpc-1.1.4-null-ptrs-not-reused-fixed.patch
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
commit 6951a9c3139c9c7dbb0bdae70737996011fc7a37
|
||||||
|
Author: Herb Wartens <wartens2@llnl.gov>
|
||||||
|
Date: Mon Mar 18 11:07:15 2024 -0400
|
||||||
|
|
||||||
|
rpcb_clnt.c: memory leak in destroy_addr
|
||||||
|
|
||||||
|
Piece was dropped from original fix.
|
||||||
|
|
||||||
|
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2225226
|
||||||
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
||||||
|
|
||||||
|
diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
|
||||||
|
index 68fe69a..d909efc 100644
|
||||||
|
--- a/src/rpcb_clnt.c
|
||||||
|
+++ b/src/rpcb_clnt.c
|
||||||
|
@@ -121,6 +121,7 @@ destroy_addr(addr)
|
||||||
|
free(addr->ac_taddr->buf);
|
||||||
|
addr->ac_taddr->buf = NULL;
|
||||||
|
}
|
||||||
|
+ free(addr->ac_taddr);
|
||||||
|
addr->ac_taddr = NULL;
|
||||||
|
}
|
||||||
|
free(addr);
|
48
libtirpc-1.1.4-null-ptrs-not-reused.patch
Normal file
48
libtirpc-1.1.4-null-ptrs-not-reused.patch
Normal file
@ -0,0 +1,48 @@
|
|||||||
|
commit 89c63bdfd79b1c94384daaaa03a9e3582540f843
|
||||||
|
Author: Herb Wartens <wartens2@llnl.gov>
|
||||||
|
Date: Tue Aug 1 10:21:42 2023 -0400
|
||||||
|
|
||||||
|
rpcb_clnt.c: memory leak in destroy_addr
|
||||||
|
|
||||||
|
Null pointers so they are not used again
|
||||||
|
|
||||||
|
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2225226
|
||||||
|
Signed-off-by: Steve Dickson <steved@redhat.com>
|
||||||
|
|
||||||
|
diff --git a/src/rpcb_clnt.c b/src/rpcb_clnt.c
|
||||||
|
index d178d86..c0a9e12 100644
|
||||||
|
--- a/src/rpcb_clnt.c
|
||||||
|
+++ b/src/rpcb_clnt.c
|
||||||
|
@@ -104,17 +104,27 @@ destroy_addr(addr)
|
||||||
|
{
|
||||||
|
if (addr == NULL)
|
||||||
|
return;
|
||||||
|
- if(addr->ac_host != NULL)
|
||||||
|
+ if (addr->ac_host != NULL) {
|
||||||
|
free(addr->ac_host);
|
||||||
|
- if(addr->ac_netid != NULL)
|
||||||
|
+ addr->ac_host = NULL;
|
||||||
|
+ }
|
||||||
|
+ if (addr->ac_netid != NULL) {
|
||||||
|
free(addr->ac_netid);
|
||||||
|
- if(addr->ac_uaddr != NULL)
|
||||||
|
+ addr->ac_netid = NULL;
|
||||||
|
+ }
|
||||||
|
+ if (addr->ac_uaddr != NULL) {
|
||||||
|
free(addr->ac_uaddr);
|
||||||
|
- if(addr->ac_taddr != NULL) {
|
||||||
|
- if(addr->ac_taddr->buf != NULL)
|
||||||
|
+ addr->ac_uaddr = NULL;
|
||||||
|
+ }
|
||||||
|
+ if (addr->ac_taddr != NULL) {
|
||||||
|
+ if(addr->ac_taddr->buf != NULL) {
|
||||||
|
free(addr->ac_taddr->buf);
|
||||||
|
+ addr->ac_taddr->buf = NULL;
|
||||||
|
+ }
|
||||||
|
+ addr->ac_taddr = NULL;
|
||||||
|
}
|
||||||
|
free(addr);
|
||||||
|
+ addr = NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
Name: libtirpc
|
Name: libtirpc
|
||||||
Version: 1.1.4
|
Version: 1.1.4
|
||||||
Release: 8%{?dist}
|
Release: 12%{?dist}
|
||||||
Summary: Transport Independent RPC Library
|
Summary: Transport Independent RPC Library
|
||||||
Group: System Environment/Libraries
|
Group: System Environment/Libraries
|
||||||
License: SISSL and BSD
|
License: SISSL and BSD
|
||||||
@ -47,6 +47,14 @@ Patch008: libtirpc-1.1.4-v2proto-mech.patch
|
|||||||
# bz 2112116
|
# bz 2112116
|
||||||
Patch009: libtirpc-1.1.4-multithr-cleanup.patch
|
Patch009: libtirpc-1.1.4-multithr-cleanup.patch
|
||||||
|
|
||||||
|
#
|
||||||
|
# RHEL 8.10
|
||||||
|
#
|
||||||
|
Patch010: libtirpc-1.1.4-null-ptrs-not-reused.patch
|
||||||
|
Patch011: libtirpc-1.1.4-double-free.patch
|
||||||
|
Patch012: libtirpc-1.1.4-null-ptrs-not-reused-fixed.patch
|
||||||
|
Patch013: libtirpc-1.1.4-ip_local_reserved_ports.patch
|
||||||
|
|
||||||
BuildRequires: automake, autoconf, libtool, pkgconfig
|
BuildRequires: automake, autoconf, libtool, pkgconfig
|
||||||
BuildRequires: krb5-devel
|
BuildRequires: krb5-devel
|
||||||
|
|
||||||
@ -166,6 +174,18 @@ mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
|
|||||||
%{_mandir}/*/*
|
%{_mandir}/*/*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Apr 26 2024 Steve Dickson <steved@redhat.com> 1.1.4-12
|
||||||
|
- binddynport.c honor ip_local_reserved_ports (RHEL-27005)
|
||||||
|
|
||||||
|
* Tue Mar 19 2024 Steve Dickson <steved@redhat.com> 1.1.4-11
|
||||||
|
- rpcb_clnt.c (fixed): Eliminate double frees in delete_cache() (RHEL-11293)
|
||||||
|
|
||||||
|
* Tue Mar 5 2024 Steve Dickson <steved@redhat.com> 1.1.4-10
|
||||||
|
- rpcb_clnt.c: Eliminate double frees in delete_cache() (RHEL-11293)
|
||||||
|
|
||||||
|
* Mon Mar 4 2024 Steve Dickson <steved@redhat.com> 1.1.4-9
|
||||||
|
- Null pointers so they are not used again (RHEL-11370)
|
||||||
|
|
||||||
* Wed Aug 3 2022 Steve Dickson <steved@redhat.com> 1.1.4-8
|
* Wed Aug 3 2022 Steve Dickson <steved@redhat.com> 1.1.4-8
|
||||||
- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
|
- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
|
||||||
- Multithreaded cleanup (bz 2112116)
|
- Multithreaded cleanup (bz 2112116)
|
Loading…
Reference in New Issue
Block a user