> Would someone who is familiar with xdr comment on this patch? It looks > right to me, and an OpenBSD security advisory implies that it's needed to > close a remote exploit. Our xdr_array was indeed vulnerable, but was fixed around the same time as OpenBSD's (see http://www.openafs.org/security/OPENAFS-SA-2002-001.txt). -- kolya