ntirpc

XDR array sizes may not be validated before being used

Open. ffilz opened this issue 2 years ago • 1 comment

For example, see nfs-ganesha Coverity CID 275286 where sx_fbtbc is read from the socket, used to allocate a buffer, and then that many bytes are read. There is no check that the value is reasonable.

ffilz, Oct 17 '22 23:10
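The pattern described above (a length taken from the peer, then used to allocate and read), with the missing bounds check filled in. This is an added example, not part of the original issue and not ntirpc code: `read_sized_payload`, `probe`, `MAX_PAYLOAD` and the sample buffers are hypothetical, and a byte array stands in for the socket.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Assumed ceiling for this example; not a value taken from ntirpc. */
#define MAX_PAYLOAD (1u << 20)
enum { READ_OK = 0, READ_SHORT = -1, READ_TOO_BIG = -2, READ_NOMEM = -3 };

/* Constructed samples: 4-byte big-endian length, then the payload. */
const uint8_t sample_ok[]    = { 0x00, 0x00, 0x00, 0x04, 'p', 'i', 'n', 'g' };
const uint8_t sample_huge[]  = { 0xff, 0xff, 0xff, 0xf0, 'x' };
const uint8_t sample_trunc[] = { 0x00, 0x00, 0x00, 0x10, 'a', 'b' };

/* Decode one length-prefixed payload from in[0..in_len). The length is
 * untrusted, so it is checked against a fixed ceiling and against the
 * bytes actually present before any allocation or copy happens.
 * On READ_OK, *out is a malloc'd buffer of *out_len bytes (caller frees). */
int read_sized_payload(const uint8_t *in, size_t in_len,
                       uint8_t **out, uint32_t *out_len)
{
    uint32_t n;

    *out = NULL;
    *out_len = 0;
    if (in_len < 4)
        return READ_SHORT;
    n = ((uint32_t)in[0] << 24) | ((uint32_t)in[1] << 16) |
        ((uint32_t)in[2] << 8) | (uint32_t)in[3];
    if (n > MAX_PAYLOAD)
        return READ_TOO_BIG;          /* reject before malloc */
    if (n > in_len - 4)
        return READ_SHORT;            /* peer claimed more than it sent */
    *out = malloc(n ? n : 1);         /* avoid a zero-size allocation */
    if (*out == NULL)
        return READ_NOMEM;
    memcpy(*out, in + 4, n);
    *out_len = n;
    return READ_OK;
}

/* Run the decoder on one sample, release the buffer, return the status. */
int probe(const uint8_t *in, size_t in_len)
{
    uint8_t *buf;
    uint32_t len;
    int rc = read_sized_payload(in, in_len, &buf, &len);
    free(buf);
    return rc;
}

int main(void) { return probe(sample_ok, sizeof sample_ok) == READ_OK ? 0 : 1; }
```

On a real socket the "bytes actually present" check becomes the ceiling plus a bounded read loop, since the amount the peer will send is not known up front.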

Paul, are you taking this one? If so, what is your estimate for completing it?

ffilz, Oct 25 '22 16:10