From: Wayne Davison Date: Fri, 21 Apr 2006 00:04:16 +0000 (+0000) Subject: Added a sanity check to the xattr-reading code so that some crafty X-Git-Url: https://mattmccutchen.net/rsync/rsync-patches.git/commitdiff_plain/3fcc541fa158cb815d88e291aa843d5b724db6fb?ds=sidebyside Added a sanity check to the xattr-reading code so that some crafty size values cannot cause a buffer overflow. --- diff --git a/xattrs.diff b/xattrs.diff index fe696d0..998ff8c 100644 --- a/xattrs.diff +++ b/xattrs.diff @@ -69,7 +69,7 @@ After applying this patch, run these commands for a successful build: if (verbose > 1) { --- old/configure.in +++ new/configure.in -@@ -814,6 +814,30 @@ samba_cv_HAVE_ACL_GET_PERM_NP=yes,samba_ +@@ -823,6 +823,30 @@ samba_cv_HAVE_ACL_GET_PERM_NP=yes,samba_ AC_MSG_RESULT(no) ) @@ -230,7 +230,7 @@ After applying this patch, run these commands for a successful build: int preserve_perms = 0; int preserve_executability = 0; int preserve_devices = 0; -@@ -196,6 +197,7 @@ static void print_rsync_version(enum log +@@ -194,6 +195,7 @@ static void print_rsync_version(enum log char const *have_inplace = "no "; char const *hardlinks = "no "; char const *acls = "no "; @@ -238,7 +238,7 @@ After applying this patch, run these commands for a successful build: char const *links = "no "; char const *ipv6 = "no "; STRUCT_STAT *dumstat; -@@ -215,7 +217,9 @@ static void print_rsync_version(enum log +@@ -213,7 +215,9 @@ static void print_rsync_version(enum log #ifdef SUPPORT_ACLS acls = ""; #endif @@ -249,7 +249,7 @@ After applying this patch, run these commands for a successful build: #ifdef SUPPORT_LINKS links = ""; #endif -@@ -229,9 +233,9 @@ static void print_rsync_version(enum log +@@ -227,9 +231,9 @@ static void print_rsync_version(enum log rprintf(f, "Copyright (C) 1996-2006 by Andrew Tridgell, Wayne Davison, and others.\n"); rprintf(f, "\n"); rprintf(f, "Capabilities: %d-bit files, %ssocketpairs, " @@ -261,7 +261,7 @@ After applying this patch, run these commands for a successful build: /* Note that this field may not have type ino_t. It depends * on the complicated interaction between largefile feature -@@ -304,6 +308,9 @@ void usage(enum logcode F) +@@ -302,6 +306,9 @@ void usage(enum logcode F) #ifdef SUPPORT_ACLS rprintf(F," -A, --acls preserve ACLs (implies --perms)\n"); #endif @@ -271,7 +271,7 @@ After applying this patch, run these commands for a successful build: rprintf(F," --chmod=CHMOD change destination permissions\n"); rprintf(F," -o, --owner preserve owner (super-user only)\n"); rprintf(F," -g, --group preserve group\n"); -@@ -422,6 +429,9 @@ static struct poptOption long_options[] +@@ -420,6 +427,9 @@ static struct poptOption long_options[] {"acls", 'A', POPT_ARG_NONE, 0, 'A', 0, 0 }, {"no-acls", 0, POPT_ARG_VAL, &preserve_acls, 0, 0, 0 }, {"no-A", 0, POPT_ARG_VAL, &preserve_acls, 0, 0, 0 }, @@ -281,7 +281,7 @@ After applying this patch, run these commands for a successful build: {"times", 't', POPT_ARG_VAL, &preserve_times, 1, 0, 0 }, {"no-times", 0, POPT_ARG_VAL, &preserve_times, 0, 0, 0 }, {"no-t", 0, POPT_ARG_VAL, &preserve_times, 0, 0, 0 }, -@@ -1096,6 +1106,17 @@ int parse_arguments(int *argc, const cha +@@ -1095,6 +1105,17 @@ int parse_arguments(int *argc, const cha return 0; #endif @@ -299,7 +299,7 @@ After applying this patch, run these commands for a successful build: default: /* A large opt value means that set_refuse_options() -@@ -1544,6 +1565,10 @@ void server_options(char **args,int *arg +@@ -1542,6 +1563,10 @@ void server_options(char **args,int *arg if (preserve_acls) argstr[x++] = 'A'; #endif @@ -333,7 +333,7 @@ After applying this patch, run these commands for a successful build: if ((st->st_mode & CHMOD_BITS) != (file->mode & CHMOD_BITS)) { --- old/rsync.h +++ new/rsync.h -@@ -672,6 +672,14 @@ struct chmod_mode_struct; +@@ -674,6 +674,14 @@ struct chmod_mode_struct; #endif #include "smb_acls.h" @@ -358,9 +358,9 @@ After applying this patch, run these commands for a successful build: --chmod=CHMOD change destination permissions -o, --owner preserve owner (super-user only) -g, --group preserve group -@@ -802,6 +803,11 @@ dit(bf(-A, --acls)) This option causes r - ACLs to be the same as the source ACLs. This nonstandard option only - works if the remote rsync also supports it. bf(--acls) implies bf(--perms). +@@ -807,6 +808,11 @@ version makes it incompatible with sendi + rsync unless you double the bf(--acls) option (e.g. bf(-AA)). This + doubling is not needed when pulling files from an older rsync. +dit(bf(-X, --xattrs)) This option causes rsync to update the remote +extended attributes to be the same as the local ones. This will work @@ -372,7 +372,7 @@ After applying this patch, run these commands for a successful build: transfer. The resulting value is treated as though it was the permissions --- old/xattr.c +++ new/xattr.c -@@ -0,0 +1,521 @@ +@@ -0,0 +1,523 @@ +/* Extended Attribute support for rsync */ +/* Copyright (C) 2004 Red Hat, Inc */ +/* Written by Jay Fenlason, vaguely based on the ACLs patch */ @@ -750,6 +750,8 @@ After applying this patch, run these commands for a successful build: + + name_len = read_int(f); + datum_len = read_int(f); ++ if (name_len + datum_len < name_len) ++ out_of_memory("receive_xattr"); /* overflow */ + ptr = new_array(char, name_len + datum_len); + if (!ptr) + out_of_memory("receive_xattr");