03/03: [LIBTIRPC] Fix CVE-2018-14622 by backporting its fix - Ros-diffs

5 Sep 2018

https://git.reactos.org/?p=reactos.git;a=commitdiff;h=000bbe074ed29d1efe39d4...
commit 000bbe074ed29d1efe39d4d65c81d1c1ead07c93
Author:     Pierre Schweitzer pierre@reactos.org
AuthorDate: Wed Sep 5 21:44:47 2018 +0200
Commit:     Pierre Schweitzer pierre@reactos.org
CommitDate: Wed Sep 5 22:06:30 2018 +0200
[LIBTIRPC] Fix CVE-2018-14622 by backporting its fix
CORE-15005
---
 dll/3rdparty/libtirpc/src/svc_vc.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/dll/3rdparty/libtirpc/src/svc_vc.c b/dll/3rdparty/libtirpc/src/svc_vc.c
index 4d7e1f1fd2..2ccbe0e340 100644
--- a/dll/3rdparty/libtirpc/src/svc_vc.c
+++ b/dll/3rdparty/libtirpc/src/svc_vc.c
@@ -340,6 +340,10 @@ again:
     */
newxprt = makefd_xprt(sock, r->sendsize, r->recvsize);
+#ifdef __REACTOS__ // CVE-2018-14622
+	if (!newxprt)
+		return (FALSE);
+#endif
if (!__rpc_set_netbuf(&newxprt->xp_rtaddr, &addr, len))
    	return (FALSE);

    