Add extra paranoia test. In theory this doesn't really gain you anything,

but the extra warning message could be useful.
svn path=/head/; revision=24776
1997-04-10 13:48:59 +00:00 · 1997-04-10 13:48:59 +00:00 · d075eaa4da · 2020-12-20 02:59:44 +00:00
commit d075eaa4da
parent 401116d519
1 changed files with 12 additions and 2 deletions
--- a/usr.sbin/rpc.ypxfrd/ypxfrd_server.c
+++ b/usr.sbin/rpc.ypxfrd/ypxfrd_server.c
@ -29,12 +29,12 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- *	$Id$
+ *	$Id: ypxfrd_server.c,v 1.4 1997/02/22 16:13:03 peter Exp $
 */

 #include "ypxfrd.h"
 #ifndef lint
-static const char rcsid[] = "$Id$";
+static const char rcsid[] = "$Id: ypxfrd_server.c,v 1.4 1997/02/22 16:13:03 peter Exp $";
 #endif /* not lint */

 #include <stdio.h>
@ -89,10 +89,20 @@ ypxfrd_getmap_1_svc(ypxfr_mapname *argp, struct svc_req *rqstp)
 {
 	static struct xfr  result;
 	char buf[MAXPATHLEN];
+	struct sockaddr_in *rqhost;

 	result.ok = FALSE;
 	result.xfr_u.xfrstat = XFR_DENIED;

+	rqhost = svc_getcaller(rqstp->rq_xprt);
+
+	if (ntohs(rqhost->sin_port) >= IPPORT_RESERVED) {
+		yp_error("%s:%d didn't use reserved port -- rejecting",
+			inet_ntoa(rqhost->sin_addr),
+			ntohs(rqhost->sin_port));
+		return(&result);
+	}
+
 	if (yp_validdomain(argp->xfrdomain)) {
 		return(&result);
 	}