From d075eaa4da5f060fde9ec8921ad40e6038ab664e Mon Sep 17 00:00:00 2001
From: Bill Paul <wpaul@FreeBSD.org>
Date: Thu, 10 Apr 1997 13:48:59 +0000
Subject: [PATCH] Add extra paranoia test. In theory this doesn't really gain
 you anything, but the extra warning message could be useful.

---
 usr.sbin/rpc.ypxfrd/ypxfrd_server.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/usr.sbin/rpc.ypxfrd/ypxfrd_server.c b/usr.sbin/rpc.ypxfrd/ypxfrd_server.c
index 85d1da27f253..bfac1b1cf798 100644
--- a/usr.sbin/rpc.ypxfrd/ypxfrd_server.c
+++ b/usr.sbin/rpc.ypxfrd/ypxfrd_server.c
@@ -29,12 +29,12 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *	$Id$
+ *	$Id: ypxfrd_server.c,v 1.4 1997/02/22 16:13:03 peter Exp $
  */
 
 #include "ypxfrd.h"
 #ifndef lint
-static const char rcsid[] = "$Id$";
+static const char rcsid[] = "$Id: ypxfrd_server.c,v 1.4 1997/02/22 16:13:03 peter Exp $";
 #endif /* not lint */
 
 #include <stdio.h>
@@ -89,10 +89,20 @@ ypxfrd_getmap_1_svc(ypxfr_mapname *argp, struct svc_req *rqstp)
 {
 	static struct xfr  result;
 	char buf[MAXPATHLEN];
+	struct sockaddr_in *rqhost;
 
 	result.ok = FALSE;
 	result.xfr_u.xfrstat = XFR_DENIED;
 
+	rqhost = svc_getcaller(rqstp->rq_xprt);
+
+	if (ntohs(rqhost->sin_port) >= IPPORT_RESERVED) {
+		yp_error("%s:%d didn't use reserved port -- rejecting",
+			inet_ntoa(rqhost->sin_addr),
+			ntohs(rqhost->sin_port));
+		return(&result);
+	}
+
 	if (yp_validdomain(argp->xfrdomain)) {
 		return(&result);
 	}