glibc/sunrpc
Brad Hubbard ed6b0fe710 Use calloc to allocate xports (BZ #17542)
If xports is NULL in xprt_register we malloc it but if sock >
_rpc_dtablesize() that memory does not get initialised and may in theory
contain any value. Later we make a conditional jump in svc_getreq_common
based on the uninitialised memory and this caused a general protection
fault in rpc.statd on an older version of glibc but this code has not
changed since that version.

Following is the valgrind warning.

==26802== Conditional jump or move depends on uninitialised value(s)
==26802==    at 0x5343A25: svc_getreq_common (in /lib64/libc-2.5.so)
==26802==    by 0x534357B: svc_getreqset (in /lib64/libc-2.5.so)
==26802==    by 0x10DE1F: ??? (in /sbin/rpc.statd)
==26802==    by 0x10D0EF: main (in /sbin/rpc.statd)
==26802==  Uninitialised value was created by a heap allocation
==26802==    at 0x4C2210C: malloc (vg_replace_malloc.c:195)
==26802==    by 0x53438BE: xprt_register (in /lib64/libc-2.5.so)
==26802==    by 0x53450DF: svcudp_bufcreate (in /lib64/libc-2.5.so)
==26802==    by 0x10FE32: ??? (in /sbin/rpc.statd)
==26802==    by 0x10D13E: main (in /sbin/rpc.statd)
2015-03-18 14:51:26 +05:30
..
rpc
rpcsvc
auth_des.c
auth_none.c
auth_unix.c
authdes_prot.c
authuxprot.c
bindrsvprt.c
clnt_gen.c
clnt_perr.c
clnt_raw.c
clnt_simp.c
clnt_tcp.c
clnt_udp.c
clnt_unix.c
create_xid.c
des_crypt.c
des_impl.c
des_soft.c
etc.rpc
get_myaddr.c
getrpcbyname_r.c
getrpcbyname.c
getrpcbynumber_r.c
getrpcbynumber.c
getrpcent_r.c
getrpcent.c
getrpcport.c
key_call.c
key_prot.c
Makefile Split rpcent tests out of tst-netdb. 2015-03-04 15:55:38 -08:00
netname.c
openchild.c
pm_getmaps.c
pm_getport.c
pmap_clnt.c
pmap_prot2.c
pmap_prot.c
pmap_rmt.c
proto.h
publickey.c
rpc_clntout.c
rpc_cmsg.c
rpc_common.c
rpc_cout.c
rpc_dtable.c
rpc_hout.c
rpc_main.c
rpc_parse.c
rpc_parse.h
rpc_prot.c
rpc_sample.c
rpc_scan.c
rpc_scan.h
rpc_svcout.c
rpc_tblout.c
rpc_thread.c
rpc_util.c
rpc_util.h
rpcgen.c
rpcinfo.c
rtime.c
svc_auth.c
svc_authux.c
svc_raw.c
svc_run.c
svc_simple.c
svc_tcp.c
svc_udp.c
svc_unix.c
svc.c Use calloc to allocate xports (BZ #17542) 2015-03-18 14:51:26 +05:30
svcauth_des.c
test-rpcent.c Split rpcent tests out of tst-netdb. 2015-03-04 15:55:38 -08:00
thrsvc.c
tst-getmyaddr.c
tst-xdrmem2.c
tst-xdrmem.c
Versions
xcrypt.c
xdr_array.c
xdr_float.c
xdr_intXX_t.c
xdr_mem.c
xdr_rec.c
xdr_ref.c
xdr_sizeof.c
xdr_stdio.c
xdr.c