The branch, master has been updated
       via  8a82fee Don't overflow an allocated dest buf when input path is 
empty. Fixes bug 13105.
       via  0350f95 Add an extra argc validation in do_server_sender(). Fixes 
bug 13104.
      from  9a480de Only allow a modern checksum method for passwords.

https://git.samba.org/?p=rsync.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 8a82feeb7cebcbba7826e861905af52582850459
Author: Wayne Davison <way...@samba.org>
Date:   Sun Oct 29 15:52:46 2017 -0700

    Don't overflow an allocated dest buf when input path is empty.
    Fixes bug 13105.

commit 0350f95e7bfd0fc6c444682f16e0c9af32874eac
Author: Wayne Davison <way...@samba.org>
Date:   Sun Oct 29 15:22:22 2017 -0700

    Add an extra argc validation in do_server_sender().
    Fixes bug 13104.

-----------------------------------------------------------------------

Summary of changes:
 main.c | 13 ++++++++-----
 util.c |  8 ++++----
 2 files changed, 12 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/main.c b/main.c
index 3908ccf..ec89667 100644
--- a/main.c
+++ b/main.c
@@ -783,7 +783,7 @@ static void read_final_goodbye(int f_in, int f_out)
 static void do_server_sender(int f_in, int f_out, int argc, char *argv[])
 {
        struct file_list *flist;
-       char *dir = argv[0];
+       char *dir;
 
        if (DEBUG_GTE(SEND, 1))
                rprintf(FINFO, "server_sender starting pid=%d\n", 
(int)getpid());
@@ -791,16 +791,19 @@ static void do_server_sender(int f_in, int f_out, int 
argc, char *argv[])
        if (am_daemon && lp_write_only(module_id)) {
                rprintf(FERROR, "ERROR: module is write only\n");
                exit_cleanup(RERR_SYNTAX);
-               return;
        }
        if (am_daemon && read_only && remove_source_files) {
                rprintf(FERROR,
-                   "ERROR: --remove-%s-files cannot be used with a read-only 
module\n",
-                   remove_source_files == 1 ? "source" : "sent");
+                       "ERROR: --remove-%s-files cannot be used with a 
read-only module\n",
+                       remove_source_files == 1 ? "source" : "sent");
+               exit_cleanup(RERR_SYNTAX);
+       }
+       if (argc < 1) {
+               rprintf(FERROR, "ERROR: do_server_sender called without 
args\n");
                exit_cleanup(RERR_SYNTAX);
-               return;
        }
 
+       dir = argv[0];
        if (!relative_paths) {
                if (!change_dir(dir, CD_NORMAL)) {
                        rsyserr(FERROR, errno, "change_dir#3 %s failed",
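Review bot: The new `argc < 1` guard protects `dir = argv[0]` only if `exit_cleanup()` never returns, and this commit drops the `return;` statements that used to follow those calls. The declaration of `exit_cleanup` is not visible in this hunk, so confirm it is marked noreturn. Otherwise keep a `return;` after the new guard, or at least record the assumption with a comment such as `/* exit_cleanup() does not return, so argv[0] is only read when argc >= 1 */`. The arguments presumably originate from the remote side in server mode, so a fall-through here would read past the end of an empty argv. The body of do_server_sender continues outside the hunk.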
diff --git a/util.c b/util.c
index d50900c..f8f2de6 100644
--- a/util.c
+++ b/util.c
@@ -1009,7 +1009,7 @@ char *sanitize_path(char *dest, const char *p, const char 
*rootdir, int depth,
        int rlen = 0, drop_dot_dirs = !relative_paths || !(flags & 
SP_KEEP_DOT_DIRS);
 
        if (dest != p) {
-               int plen = strlen(p);
+               int plen = strlen(p); /* the path len INCLUDING any separating 
slash */
                if (*p == '/') {
                        if (!rootdir)
                                rootdir = module_dir;
@@ -1020,11 +1020,11 @@ char *sanitize_path(char *dest, const char *p, const 
char *rootdir, int depth,
                if (dest) {
                        if (rlen + plen + 1 >= MAXPATHLEN)
                                return NULL;
-               } else if (!(dest = new_array(char, rlen + plen + 1)))
+               } else if (!(dest = new_array(char, MAX(rlen + plen + 1, 2))))
                        out_of_memory("sanitize_path");
-               if (rlen) {
+               if (rlen) { /* only true if p previously started with a slash */
                        memcpy(dest, rootdir, rlen);
-                       if (rlen > 1)
+                       if (rlen > 1) /* a rootdir of len 1 is "/", so this 
avoids a 2nd slash */
                                dest[rlen++] = '/';
                }
        }
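Review bot: The literal `2` in `new_array(char, MAX(rlen + plen + 1, 2))` has no explanation, although it is the actual overflow fix. Judging by the commit message, an empty `p` gives `rlen + plen + 1 == 1`, and code outside this hunk presumably still stores a one-character component plus the terminating NUL. Say so at the call, for example `/* an empty path still needs room for a 1-char result plus the NUL */`, so the minimum is not later "simplified" away. Separately, the allocating branch computes `rlen + plen + 1` in `int` from `strlen(p)` with no upper bound (only the caller-supplied `dest` branch is checked against MAXPATHLEN); it is worth confirming that callers bound the input length. The body of sanitize_path continues outside the hunk.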


-- 
The rsync repository.
