91675d5082
* gnu/packages/rsync.scm (rsync)[source]: Add patches. [properties]: Mark CVE-2017-15994 as not relevant. * gnu/packages/patches/rsync-CVE-2017-16548.patch, gnu/packages/patches/rsync-CVE-2017-17433.patch, gnu/packages/patches/rsync-CVE-2017-17433-fix-tests.patch, gnu/packages/patches/rsync-CVE-2017-17434-pt1.patch, gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them.
32 lines
960 B
Diff
32 lines
960 B
Diff
https://bugzilla.samba.org/show_bug.cgi?id=13112
|
|
https://git.samba.org/rsync.git/?p=rsync.git;a=patch;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1
|
|
|
|
From 47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 Mon Sep 17 00:00:00 2001
|
|
From: Wayne Davison <wayned@samba.org>
|
|
Date: Sun, 5 Nov 2017 11:33:15 -0800
|
|
Subject: [PATCH] Enforce trailing \0 when receiving xattr name values. Fixes
|
|
bug 13112.
|
|
|
|
---
|
|
xattrs.c | 4 ++++
|
|
1 file changed, 4 insertions(+)
|
|
|
|
diff --git a/xattrs.c b/xattrs.c
|
|
index 68305d7..4867e6f 100644
|
|
--- a/xattrs.c
|
|
+++ b/xattrs.c
|
|
@@ -824,6 +824,10 @@ void receive_xattr(int f, struct file_struct *file)
|
|
out_of_memory("receive_xattr");
|
|
name = ptr + dget_len + extra_len;
|
|
read_buf(f, name, name_len);
|
|
+ if (name_len < 1 || name[name_len-1] != '\0') {
|
|
+ rprintf(FERROR, "Invalid xattr name received (missing trailing \\0).\n");
|
|
+ exit_cleanup(RERR_FILEIO);
|
|
+ }
|
|
if (dget_len == datum_len)
|
|
read_buf(f, ptr, dget_len);
|
|
else {
|
|
--
|
|
1.9.1
|
|
|