CVE-2015-5370: s4:rpc_server: correctly maintain dcesrv_connection->max_{recv,xmit...
authorStefan Metzmacher <metze@samba.org>
Fri, 26 Jun 2015 06:10:46 +0000 (08:10 +0200)
committerStefan Metzmacher <metze@samba.org>
Tue, 12 Apr 2016 17:25:29 +0000 (19:25 +0200)
commite6f6b4be9adae0a576e93f238b055db5e90701bb
treed378b4d5947aed533757a945845f7207b0ecedc4
parent4624c838c890672be6d40208333d5bee11e0ea95
CVE-2015-5370: s4:rpc_server: correctly maintain dcesrv_connection->max_{recv,xmit}_frag

These values are controlled by the client but only in a range between
2048 and 5840 (including these values in 8 byte steps).
recv and xmit result always in same min value.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11344

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: G√ľnther Deschner <gd@samba.org>
source4/rpc_server/common/reply.c
source4/rpc_server/dcerpc_server.c
source4/rpc_server/dcerpc_server.h