Updated to the latest upstream release: rpcbind-1_2_9

- Updated the URL in the RPM header to
  https://sourceforge.net/projects/rpcbind
- Updated to rpcbind-1.2.9 to fix various memory leaks
- Renamed RPCBIND_ARGS to RPCBIND_OPTIONS in /etc/sysconfig/rpcbind

Resolves: RHEL-174800
Resolves: RHEL-174804
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
This commit is contained in:
Scott Mayhew 2026-07-01 09:47:49 -04:00
parent 5a0d849e35
commit 941d5b4be9
11 changed files with 57 additions and 313 deletions

4
.gitignore vendored
View File

@ -1,4 +1,4 @@
x86_64
Makefile
rpcbind-1.2.7/
/rpcbind-1.2.7.tar.bz2
rpcbind-1.2.9/
/rpcbind-1.2.9.tar.bz2

View File

@ -1,138 +0,0 @@
commit 1805cdb116bd076dc5746beeb6dc79067a79d094
Author: NeilBrown <neilb@suse.com>
Date: Wed Nov 16 10:53:07 2016 -0500
Move default state-dir to a subdirectory of /var/run
rpcbind can save state in a file to allow restart without forgetting
about running services.
The default location is currently "/tmp" which is
not ideal for system files. It is particularly unpleasant
to put simple files there rather than creating a directory
to contain them.
On a modern Linux system it is preferable to use /run, and there it is
even more consistent with practice to use a subdirectory.
This directory needs to be create one each boot, and while there are
tools (e.g. systemd-tmpfiles) which can do that it is cleaner to keep
rpcbind self-contained and have it create the directory.
So change the default location to /var/run/rpcbind, and create that
directory. If a different user-id is used, we need to create
and chown the directory before dropping privileges. We do this
with care so avoid chowning the wrong thing by mistake.
Signed-off-by: NeilBrown <neilb@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/configure.ac b/configure.ac
index f84921e..acc6914 100644
--- a/configure.ac
+++ b/configure.ac
@@ -22,8 +22,8 @@ AC_ARG_ENABLE([warmstarts],
AM_CONDITIONAL(WARMSTART, test x$enable_warmstarts = xyes)
AC_ARG_WITH([statedir],
- AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/tmp@:>@])
- ,, [with_statedir=/tmp])
+ AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/var/run/rpcbind@:>@])
+ ,, [with_statedir=/var/run/rpcbind])
AC_SUBST([statedir], [$with_statedir])
AC_ARG_WITH([rpcuser],
diff --git a/src/rpcbind.c b/src/rpcbind.c
index 87ccdc2..8db8dfc 100644
--- a/src/rpcbind.c
+++ b/src/rpcbind.c
@@ -263,6 +263,11 @@ main(int argc, char *argv[])
syslog(LOG_ERR, "cannot get uid of '%s': %m", id);
exit(1);
}
+#ifdef WARMSTART
+ if (warmstart) {
+ mkdir_warmstart(p->pw_uid);
+ }
+#endif
if (setgid(p->pw_gid) == -1) {
syslog(LOG_ERR, "setgid to '%s' (%d) failed: %m", id, p->pw_gid);
exit(1);
diff --git a/src/rpcbind.h b/src/rpcbind.h
index 74f9591..5b1a9bb 100644
--- a/src/rpcbind.h
+++ b/src/rpcbind.h
@@ -129,6 +129,7 @@ int is_localroot(struct netbuf *);
extern void pmap_service(struct svc_req *, SVCXPRT *);
#endif
+void mkdir_warmstart(int uid);
void write_warmstart(void);
void read_warmstart(void);
diff --git a/src/warmstart.c b/src/warmstart.c
index 122a058..aafcb61 100644
--- a/src/warmstart.c
+++ b/src/warmstart.c
@@ -45,19 +45,23 @@
#include <syslog.h>
#include <unistd.h>
#include <errno.h>
+#include <fcntl.h>
#include "rpcbind.h"
-#ifndef RPCBIND_STATEDIR
-#define RPCBIND_STATEDIR "/tmp"
-#endif
-
/* These files keep the pmap_list and rpcb_list in XDR format */
#define RPCBFILE RPCBIND_STATEDIR "/rpcbind.xdr"
#ifdef PORTMAP
#define PMAPFILE RPCBIND_STATEDIR "/portmap.xdr"
#endif
+#ifndef O_DIRECTORY
+#define O_DIRECTORY 0
+#endif
+#ifndef O_NOFOLLOW
+#define O_NOFOLLOW 0
+#endif
+
static bool_t write_struct(char *, xdrproc_t, void *);
static bool_t read_struct(char *, xdrproc_t, void *);
@@ -139,8 +143,33 @@ error:
}
void
+mkdir_warmstart(int uid)
+{
+ /* Already exists? */
+ if (access(RPCBIND_STATEDIR, X_OK) == 0)
+ return;
+
+ if (mkdir(RPCBIND_STATEDIR, 0770) == 0) {
+ int fd = open(RPCBIND_STATEDIR, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
+ if (fd >= 0) {
+ if (fchown(fd, uid, -1) < 0) {
+ syslog(LOG_ERR,
+ "mkdir_warmstart: open failed '%s', errno %d (%s)",
+ RPCBIND_STATEDIR, errno, strerror(errno));
+ }
+ close(fd);
+ } else
+ syslog(LOG_ERR, "mkdir_warmstart: open failed '%s', errno %d (%s)",
+ RPCBIND_STATEDIR, errno, strerror(errno));
+ } else
+ syslog(LOG_ERR, "mkdir_warmstart: mkdir failed '%s', errno %d (%s)",
+ RPCBIND_STATEDIR, errno, strerror(errno));
+}
+
+void
write_warmstart()
{
+ (void) mkdir(RPCBIND_STATEDIR, 0770);
(void) write_struct(RPCBFILE, (xdrproc_t)xdr_rpcblist_ptr, &list_rbl);
#ifdef PORTMAP
(void) write_struct(PMAPFILE, (xdrproc_t)xdr_pmaplist_ptr, &list_pml);

View File

@ -1,11 +0,0 @@
diff -up rpcbind-1.2.6/systemd/rpcbind.service.in.orig rpcbind-1.2.6/systemd/rpcbind.service.in
--- rpcbind-1.2.6/systemd/rpcbind.service.in.orig 2022-07-12 16:18:16.272919592 -0400
+++ rpcbind-1.2.6/systemd/rpcbind.service.in 2022-07-12 16:19:14.153189756 -0400
@@ -12,6 +12,7 @@ Wants=rpcbind.target
[Service]
Type=notify
# distro can provide a drop-in adding EnvironmentFile=-/??? if needed.
+EnvironmentFile=/etc/sysconfig/rpcbind
ExecStart=@_sbindir@/rpcbind $RPCBIND_OPTIONS @warmstarts_opt@ -f
[Install]

View File

@ -1,61 +0,0 @@
diff -up rpcbind-1.2.7/configure.ac.orig rpcbind-1.2.7/configure.ac
--- rpcbind-1.2.7/configure.ac.orig 2024-07-30 10:57:07.374738667 -0400
+++ rpcbind-1.2.7/configure.ac 2024-07-30 10:59:36.195668928 -0400
@@ -32,8 +32,8 @@ AC_ARG_ENABLE([rmtcalls],
AM_CONDITIONAL(RMTCALLS, test x$enable_rmtcalls = xyes)
AC_ARG_WITH([statedir],
- AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/var/run/rpcbind@:>@])
- ,, [with_statedir=/var/run/rpcbind])
+ AS_HELP_STRING([--with-statedir=ARG], [use ARG as state dir @<:@default=/run/rpcbind@:>@])
+ ,, [with_statedir=/run/rpcbind])
AC_SUBST([statedir], [$with_statedir])
AC_ARG_WITH([rpcuser],
diff -up rpcbind-1.2.7/configure.orig rpcbind-1.2.7/configure
--- rpcbind-1.2.7/configure.orig 2024-07-25 16:49:00.000000000 -0400
+++ rpcbind-1.2.7/configure 2024-07-30 11:01:42.660459442 -0400
@@ -1429,7 +1429,7 @@ Optional Features:
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
--without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no)
- --with-statedir=ARG use ARG as state dir [default=/var/run/rpcbind]
+ --with-statedir=ARG use ARG as state dir [default=/run/rpcbind]
--with-rpcuser=ARG use ARG for RPC [default=root]
@@ -4440,7 +4440,7 @@ if test ${with_statedir+y}
then :
withval=$with_statedir;
else $as_nop
- with_statedir=/var/run/rpcbind
+ with_statedir=/run/rpcbind
fi
statedir=$with_statedir
diff -up rpcbind-1.2.7/man/rpcbind-fr.8.orig rpcbind-1.2.7/man/rpcbind-fr.8
--- rpcbind-1.2.7/man/rpcbind-fr.8.orig 2024-07-25 11:55:23.000000000 -0400
+++ rpcbind-1.2.7/man/rpcbind-fr.8 2024-07-30 10:59:36.198668946 -0400
@@ -138,8 +138,8 @@ est redémarré.
.Xr rpcbind 3 ,
.Xr rpcinfo 8
.Sh FILES
-.Bl -tag -width /var/run/rpcbind.sock -compact
-.It Pa /var/run/rpcbind.sock
+.Bl -tag -width /run/rpcbind.sock -compact
+.It Pa /run/rpcbind.sock
.Sh TRADUCTION
Aurelien CHARBON (Sept 2003)
.El
diff -up rpcbind-1.2.7/src/rpcbind.c.orig rpcbind-1.2.7/src/rpcbind.c
--- rpcbind-1.2.7/src/rpcbind.c.orig 2024-07-30 10:57:07.404738854 -0400
+++ rpcbind-1.2.7/src/rpcbind.c 2024-07-30 10:59:36.198668946 -0400
@@ -105,7 +105,7 @@ char *nss_modules = "files";
/* who to suid to if -s is given */
#define RUN_AS "daemon"
-#define RPCBINDDLOCK "/var/run/rpcbind.lock"
+#define RPCBINDDLOCK RPCBIND_STATEDIR "/rpcbind.lock"
int runasdaemon = 0;
int insecure = 0;

View File

@ -1,16 +1,16 @@
diff -up rpcbind-1.2.6/src/rpcbind.c.orig rpcbind-1.2.6/src/rpcbind.c
--- rpcbind-1.2.6/src/rpcbind.c.orig 2022-07-12 16:25:36.422972803 -0400
+++ rpcbind-1.2.6/src/rpcbind.c 2022-07-12 16:26:00.679085433 -0400
@@ -143,6 +143,8 @@ static void rbllist_add(rpcprog_t, rpcve
static void terminate(int);
static void parseargs(int, char *[]);
diff -up rpcbind-1.2.8/src/rpcbind.c.orig rpcbind-1.2.8/src/rpcbind.c
--- rpcbind-1.2.8/src/rpcbind.c.orig 2025-07-26 16:57:24.000000000 -0400
+++ rpcbind-1.2.8/src/rpcbind.c 2025-07-26 17:15:51.933467872 -0400
@@ -214,6 +214,8 @@ static void version()
fprintf(stderr, "\n");
}
+char *systemdtmp = "/usr/bin/systemd-tmpfiles --create rpcbind.conf";
+
int
main(int argc, char *argv[])
{
@@ -150,13 +152,21 @@ main(int argc, char *argv[])
@@ -221,13 +223,21 @@ main(int argc, char *argv[])
void *nc_handle; /* Net config handle */
struct rlimit rl;
int maxrec = RPC_MAXDATASIZE;

View File

@ -1,20 +0,0 @@
diff -up rpcbind-1.2.7/systemd/rpcbind.service.in.orig rpcbind-1.2.7/systemd/rpcbind.service.in
--- rpcbind-1.2.7/systemd/rpcbind.service.in.orig 2024-08-06 15:49:22.161273198 -0400
+++ rpcbind-1.2.7/systemd/rpcbind.service.in 2024-08-06 15:49:49.210454941 -0400
@@ -7,13 +7,14 @@ RequiresMountsFor=@statedir@
# Make sure we use the IP addresses listed for
# rpcbind.socket, no matter how this unit is started.
Requires=rpcbind.socket
-Wants=rpcbind.target
+Wants=rpcbind.target systemd-tmpfiles-setup.service
+After=systemd-tmpfiles-setup.service
[Service]
Type=notify
# distro can provide a drop-in adding EnvironmentFile=-/??? if needed.
EnvironmentFile=/etc/sysconfig/rpcbind
-ExecStart=@_sbindir@/rpcbind $RPCBIND_OPTIONS @warmstarts_opt@ -f
+ExecStart=@_sbindir@/rpcbind $RPCBIND_ARGS @warmstarts_opt@ -f
[Install]
WantedBy=multi-user.target

View File

@ -1,64 +0,0 @@
commit 0bc1c0ae7ce61a7ac8a8e9a9b2086268f011abf0
Author: Steve Dickson <steved@redhat.com>
Date: Tue Oct 9 09:19:50 2018 -0400
rpcinfo: Fix stack buffer overflow
*** buffer overflow detected ***: rpcinfo terminated
======= Backtrace: =========
/lib64/libc.so.6(+0x721af)[0x7ff24c4451af]
/lib64/libc.so.6(__fortify_fail+0x37)[0x7ff24c4ccdc7]
/lib64/libc.so.6(+0xf8050)[0x7ff24c4cb050]
rpcinfo(+0x435f)[0xef3be2635f]
rpcinfo(+0x1c62)[0xef3be23c62]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7ff24c3f36e5]
rpcinfo(+0x2739)[0xef3be24739]
======= Memory map: ========
...
The patch below fixes it.
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Signed-off-by: Thomas Blume <thomas.blume@suse.com>
Signed-off-by: Steve Dickson <steved@redhat.com>
diff --git a/src/rpcinfo.c b/src/rpcinfo.c
index 9b46864..cfdba88 100644
--- a/src/rpcinfo.c
+++ b/src/rpcinfo.c
@@ -973,6 +973,7 @@ rpcbdump (dumptype, netid, argc, argv)
(" program version(s) netid(s) service owner\n");
for (rs = rs_head; rs; rs = rs->next)
{
+ size_t netidmax = sizeof(buf) - 1;
char *p = buf;
printf ("%10ld ", rs->prog);
@@ -985,12 +986,22 @@ rpcbdump (dumptype, netid, argc, argv)
}
printf ("%-10s", buf);
buf[0] = '\0';
- for (nl = rs->nlist; nl; nl = nl->next)
- {
- strcat (buf, nl->netid);
- if (nl->next)
- strcat (buf, ",");
- }
+
+ for (nl = rs->nlist; nl; nl = nl->next)
+ {
+ strncat (buf, nl->netid, netidmax);
+ if (strlen (nl->netid) < netidmax)
+ netidmax -= strlen(nl->netid);
+ else
+ break;
+
+ if (nl->next && netidmax > 1)
+ {
+ strncat (buf, ",", netidmax);
+ netidmax --;
+ }
+ }
+
printf ("%-32s", buf);
rpc = getrpcbynumber (rs->prog);
if (rpc)

View File

@ -0,0 +1,34 @@
From e5f2b446c784fdedf9c51f4b4d550bef204e7a6a Mon Sep 17 00:00:00 2001
From: Scott Mayhew <smayhew@redhat.com>
Date: Tue, 30 Jun 2026 11:09:47 -0400
Subject: [PATCH] rpcbind: fix leak of nconf in main()
Before reusing nconf in the getnetconfig() loop, we need to free the
memory that was previously allocated via getnetconfigent(). Fixes the
following leak reported by valgrind:
==9031== 1,136 (136 direct, 1,000 indirect) bytes in 1 blocks are definitely lost in loss record 63 of 67
==9031== at 0x485183E: malloc (vg_replace_malloc.c:447)
==9031== by 0x4879D1F: getnetconfigent (in /usr/lib64/libtirpc.so.3.0.0)
==9031== by 0x4004336: main (rpcbind.c:271)
Signed-off-by: Scott Mayhew <smayhew@redhat.com>
---
src/rpcbind.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/rpcbind.c b/src/rpcbind.c
index 4212377..c39df97 100644
--- a/src/rpcbind.c
+++ b/src/rpcbind.c
@@ -282,6 +282,7 @@ main(int argc, char *argv[])
rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec);
init_transport(nconf);
+ freenetconfigent(nconf);
while ((nconf = getnetconfig(nc_handle))) {
if (nconf->nc_flag & NC_VISIBLE)
--
2.54.0

View File

@ -3,11 +3,11 @@
%global rpcbind_state_dir %{_rundir}/rpcbind
Name: rpcbind
Version: 1.2.7
Release: 3%{?dist}
Version: 1.2.9
Release: 0%{?dist}
Summary: Universal Addresses to RPC Program Number Mapper
License: BSD-3-Clause
URL: http://nfsv4.bullopensource.org
URL: https://sourceforge.net/projects/rpcbind
Source0: http://downloads.sourceforge.net/rpcbind/%{name}-%{version}.tar.bz2
Source1: %{name}.sysconfig
@ -22,11 +22,10 @@ Requires(post): systemd
Requires(preun): systemd
Requires(postun): systemd coreutils
Patch100: rpcbind-0.2.3-systemd-envfile.patch
Patch101: rpcbind-0.2.3-systemd-tmpfiles.patch
Patch102: rpcbind-0.2.4-runstatdir.patch
Patch103: rpcbind-0.2.4-systemd-service.patch
Patch104: rpcbind-0.2.4-systemd-rundir.patch
Patch001: rpcbind-1.2.9-fix-leak-of-nconf-in-main.patch
Patch100: rpcbind-0.2.3-systemd-tmpfiles.patch
Patch101: rpcbind-0.2.4-systemd-rundir.patch
Provides: portmap = %{version}-%{release}
Obsoletes: portmap <= 4.0-65.3
@ -113,6 +112,11 @@ fi
%attr(0700, %{rpcbind_user_group}, %{rpcbind_user_group}) %dir %{rpcbind_state_dir}
%changelog
* Wed Jul 1 2026 Scott Mayhew <smayhew@redhat.com> 1.2.9-0
- Updated the URL to https://sourceforge.net/projects/rpcbind (RHEL-174800)
- Updated to latest upstream release: rpcbind-1_2_9 (RHEL-174804)
- Rename RPCBIND_ARGS to RPCBIND_OPTIONS in /etc/sysconfig/rpcbind (RHEL-174804)
* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1.2.7-3
- Bump release for October 2024 mass rebuild:
Resolves: RHEL-64018

View File

@ -1,3 +1,3 @@
#
# Optional arguments passed to rpcbind. See rpcbind(8)
RPCBIND_ARGS=""
RPCBIND_OPTIONS=""

View File

@ -1 +1 @@
SHA512 (rpcbind-1.2.7.tar.bz2) = ca1517bdab86221d13c645042cc31b25b4d2b574d63ebaa20da4f5392b611cf58811f267214293e953f504d364e5daaa5875eab7aa68a04b89e68fd5508e3926
SHA512 (rpcbind-1.2.9.tar.bz2) = bf3998c25be915bba19e06a250e6e213ae13609858bb6c1f9bf8c9737a14ef506d20251b0c2a21a003fe1edd26936958d4e73875830ede6d7098296a673f3856