search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: 1780b43) | patch
CVE-2015-5370: s4:rpc_server: correctly maintain dcesrv_connection->max_{recv,xmit...
commitd7f0712c498d3ac4e79de4001cdaf31a6ecc6d09
authorStefan Metzmacher <metze@samba.org>
Fri, 26 Jun 2015 06:10:46 +0000 (26 08:10 +0200)
committerStefan Metzmacher <metze@samba.org>
Wed, 30 Mar 2016 02:10:08 +0000 (30 04:10 +0200)
tree1b2178a46a6f6c5913daa482adef4268a59abf75tree | snapshot (tar.gz zip)
parent1780b43ff6a82ab8091ba757ba9d0fc049819339commit | diff
CVE-2015-5370: s4:rpc_server: correctly maintain dcesrv_connection->max_{recv,xmit}_frag

These values are controlled by the client but only in a range between
2048 and 5840 (including these values in 8 byte steps).
recv and xmit result always in same min value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
source4/rpc_server/common/reply.c diff | blob | blame | history
source4/rpc_server/dcerpc_server.c diff | blob | blame | history
source4/rpc_server/dcerpc_server.h diff | blob | blame | history
Samba GIT mirror