SOURCES: rsync-CVE-2007-4091.patch (NEW) - new (from: http://www.s...
adamg
adamg at pld-linux.org
Fri Aug 24 20:41:33 CEST 2007
Author: adamg Date: Fri Aug 24 18:41:33 2007 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- new (from: http://www.suse.de/%7Ekrahmer/rsync-2.6.9-fname-obo.diff)
---- Files affected:
SOURCES:
rsync-CVE-2007-4091.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/rsync-CVE-2007-4091.patch
diff -u /dev/null SOURCES/rsync-CVE-2007-4091.patch:1.1
--- /dev/null Fri Aug 24 20:41:33 2007
+++ SOURCES/rsync-CVE-2007-4091.patch Fri Aug 24 20:41:28 2007
@@ -0,0 +1,60 @@
+--- rsync-2.6.9.orig/sender.c 2006-09-20 03:53:32.000000000 +0200
++++ rsync-2.6.9/sender.c 2007-07-25 15:33:05.000000000 +0200
+@@ -123,6 +123,7 @@
+ char fname[MAXPATHLEN];
+ struct file_struct *file;
+ unsigned int offset;
++ size_t l = 0;
+
+ if (ndx < 0 || ndx >= the_file_list->count)
+ return;
+@@ -133,6 +134,20 @@
+ file->dir.root, "/", NULL);
+ } else
+ offset = 0;
++
++ l = offset + 1;
++ if (file) {
++ if (file->dirname)
++ l += strlen(file->dirname);
++ if (file->basename)
++ l += strlen(file->basename);
++ }
++
++ if (l >= sizeof(fname)) {
++ rprintf(FERROR, "Overlong pathname\n");
++ exit_cleanup(RERR_FILESELECT);
++ }
++
+ f_name(file, fname + offset);
+ if (remove_source_files) {
+ if (do_unlink(fname) == 0) {
+@@ -224,6 +239,7 @@
+ enum logcode log_code = log_before_transfer ? FLOG : FINFO;
+ int f_xfer = write_batch < 0 ? batch_fd : f_out;
+ int i, j;
++ size_t l = 0;
+
+ if (verbose > 2)
+ rprintf(FINFO, "send_files starting\n");
+@@ -259,6 +275,20 @@
+ fname[offset++] = '/';
+ } else
+ offset = 0;
++
++ l = offset + 1;
++ if (file) {
++ if (file->dirname)
++ l += strlen(file->dirname);
++ if (file->basename)
++ l += strlen(file->basename);
++ }
++
++ if (l >= sizeof(fname)) {
++ rprintf(FERROR, "Overlong pathname\n");
++ exit_cleanup(RERR_FILESELECT);
++ }
++
+ fname2 = f_name(file, fname + offset);
+
+ if (verbose > 2)
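Review bot: In the last sender.c hunk the new length check sits after the context line `fname[offset++] = '/';`, so it guards only the f_name() write into `fname + offset`; that earlier store relies on `offset` already being in bounds, which the hunk does not show, and should be confirmed or brought under the same check. The arithmetic deserves a comment at both sites, since an off-by-one is what this patch exists to fix: `/* +1 is for the '/' that f_name() presumably puts between dirname and basename; '>=' keeps one byte for the NUL */`. The `if (file)` guard looks dead at the first site, where `file->dir.root` is already dereferenced in the preceding context, and f_name(file, ...) is called unconditionally afterwards in both places. The same check is pasted twice, so a small static helper taking `file` and `offset` would keep the two sites from drifting apart. Both enclosing functions start and end outside the hunks.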
================================================================