+++ /dev/null
-From b719a4d53fc6d590f4fac340d956344a5246de4e Mon Sep 17 00:00:00 2001
-From: Volker Lendecke <vl@samba.org>
-Date: Mon, 8 May 2017 21:40:40 +0200
-Subject: [PATCH] CVE-2017-7494: Refuse to open pipe names with / inside
-
-BUG: https://bugzilla.samba.org/show_bug.cgi?id=12780
-
-Signed-off-by: Volker Lendecke <vl@samba.org>
-Reviewed-by: Andreas Schneider <asn@samba.org>
----
- source3/rpc_server/srv_pipe.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
-index ec24fe7..b80e3f5 100644
---- a/source3/rpc_server/srv_pipe.c
-+++ b/source3/rpc_server/srv_pipe.c
-@@ -473,6 +473,11 @@ bool is_known_pipename(const char *cli_filename, struct ndr_syntax_id *syntax)
- pipename += 1;
- }
-
-+ if (strchr(pipename, '/')) {
-+ DEBUG(1,("Refusing open on pipe %s\n", pipename));
-+ return false;
-+ }
-+
- if (lp_disable_spoolss() && strequal(pipename, "spoolss")) {
- DEBUG(10, ("refusing spoolss access\n"));
- return false;
---
-2.9.4
-