rpms/rsync/devel rsync-3.0.7-buf-overflow.patch, NONE, 1.1 rsync.spec, 1.69, 1.70
Jan Zeleny
jzeleny at fedoraproject.org
Fri Jan 22 21:52:01 UTC 2010
Author: jzeleny
Update of /cvs/extras/rpms/rsync/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19170
Modified Files:
rsync.spec
Added Files:
rsync-3.0.7-buf-overflow.patch
Log Message:
fixed buffer overflow when working with a long file name (#557916)
rsync-3.0.7-buf-overflow.patch:
flist.c | 4 ++++
1 file changed, 4 insertions(+)
--- NEW FILE rsync-3.0.7-buf-overflow.patch ---
--- rsync-3.0.7/flist.c.orig 2010-01-22 22:39:40.000000000 +0100
+++ rsync-3.0.7/flist.c 2010-01-22 22:45:27.618262042 +0100
@@ -3025,6 +3025,10 @@ char *f_name(const struct file_struct *f
if (f->dirname) {
int len = strlen(f->dirname);
+ if (len >= MAXPATHLEN) {
+ rprintf(FWARNING,"Path too long!\n");
+ return NULL;
+ }
memcpy(fbuf, f->dirname, len);
fbuf[len] = '/';
strlcpy(fbuf + len + 1, f->basename, MAXPATHLEN - (len + 1));
Index: rsync.spec
===================================================================
RCS file: /cvs/extras/rpms/rsync/devel/rsync.spec,v
retrieving revision 1.69
retrieving revision 1.70
diff -u -p -r1.69 -r1.70
--- rsync.spec 19 Jan 2010 08:50:11 -0000 1.69
+++ rsync.spec 22 Jan 2010 21:51:54 -0000 1.70
@@ -7,13 +7,14 @@
Summary: A program for synchronizing files over a network
Name: rsync
Version: 3.0.7
-Release: 1%{?prerelease}%{?dist}
+Release: 2%{?prerelease}%{?dist}
Group: Applications/Internet
URL: http://rsync.samba.org/
Source0: ftp://rsync.samba.org/pub/rsync/rsync-%{version}%{?prerelease}.tar.gz
Source1: ftp://rsync.samba.org/pub/rsync/rsync-patches-%{version}%{?prerelease}.tar.gz
Source2: rsync.xinetd
+Patch0: rsync-3.0.7-buf-overflow.patch
BuildRequires: libacl-devel, libattr-devel, autoconf, popt-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
License: GPLv3+
@@ -46,6 +47,7 @@ patch -p1 -i patches/xattrs.diff
#Enable --copy-devices parameter
patch -p1 -i patches/copy-devices.diff
+%patch0 -p1 -b .buf-overflow
%build
rm -fr autom4te.cache
@@ -74,6 +76,9 @@ rm -rf $RPM_BUILD_ROOT
%{_mandir}/man5/rsyncd.conf.5*
%changelog
+* Fri Jan 22 2010 Jan Zeleny <jzeleny at redhat.com> - 3.0.7-2
+- fixed issue with buffer overflow when using long filenames (#557916)
+
* Tue Jan 19 2010 Jan Zeleny <jzeleny at redhat.com> - 3.0.7-1
- rebased to 3.0.7
More information about the scm-commits
mailing list