diff options
| -rw-r--r-- | rcynic/static-rsync/Makefile | 6 | ||||
| -rw-r--r-- | rcynic/static-rsync/README | 3 | ||||
| -rw-r--r-- | rcynic/static-rsync/patches/patch-CVE-2007-4091 | 60 |
3 files changed, 68 insertions, 1 deletions
diff --git a/rcynic/static-rsync/Makefile b/rcynic/static-rsync/Makefile index 73379471..9f25118e 100644 --- a/rcynic/static-rsync/Makefile +++ b/rcynic/static-rsync/Makefile @@ -26,7 +26,11 @@ extracted.stamp: ${TARBALL} gzcat ${TARBALL} | tar -xf - touch $@ -configured.stamp: extracted.stamp +patched.stamp: extracted.stamp + for i in patches/patch-*; do if test -f "$$i"; then patch -d ${DIRNAME} <"$$i"; else :; fi; done + touch $@ + +configured.stamp: patched.stamp cd ${DIRNAME} && ${CFG_ENV} ./configure ${CFG_ARG} ${CFG_LOG} touch $@ diff --git a/rcynic/static-rsync/README b/rcynic/static-rsync/README index a0613c47..9ff5afa8 100644 --- a/rcynic/static-rsync/README +++ b/rcynic/static-rsync/README @@ -10,3 +10,6 @@ drastic than this to get your compiler working, please tell me. If your platform doesn't support static binaries at all, you're on your own (and should whine at your OS vendor, as this is nuts). + +We try to stick with rsync release code, but apply security patches +when necessary. diff --git a/rcynic/static-rsync/patches/patch-CVE-2007-4091 b/rcynic/static-rsync/patches/patch-CVE-2007-4091 new file mode 100644 index 00000000..201af96a --- /dev/null +++ b/rcynic/static-rsync/patches/patch-CVE-2007-4091 @@ -0,0 +1,60 @@ +--- sender.c 2006-09-20 03:53:32.000000000 +0200 ++++ sender.c 2007-07-25 15:33:05.000000000 +0200 +@@ -123,6 +123,7 @@ + char fname[MAXPATHLEN]; + struct file_struct *file; + unsigned int offset; ++ size_t l = 0; + + if (ndx < 0 || ndx >= the_file_list->count) + return; +@@ -133,6 +134,20 @@ + file->dir.root, "/", NULL); + } else + offset = 0; ++ ++ l = offset + 1; ++ if (file) { ++ if (file->dirname) ++ l += strlen(file->dirname); ++ if (file->basename) ++ l += strlen(file->basename); ++ } ++ ++ if (l >= sizeof(fname)) { ++ rprintf(FERROR, "Overlong pathname\n"); ++ exit_cleanup(RERR_FILESELECT); ++ } ++ + f_name(file, fname + offset); + if (remove_source_files) { + if (do_unlink(fname) == 0) { +@@ -224,6 +239,7 @@ + enum logcode log_code = log_before_transfer ? FLOG : FINFO; + int f_xfer = write_batch < 0 ? batch_fd : f_out; + int i, j; ++ size_t l = 0; + + if (verbose > 2) + rprintf(FINFO, "send_files starting\n"); +@@ -259,6 +275,20 @@ + fname[offset++] = '/'; + } else + offset = 0; ++ ++ l = offset + 1; ++ if (file) { ++ if (file->dirname) ++ l += strlen(file->dirname); ++ if (file->basename) ++ l += strlen(file->basename); ++ } ++ ++ if (l >= sizeof(fname)) { ++ rprintf(FERROR, "Overlong pathname\n"); ++ exit_cleanup(RERR_FILESELECT); ++ } ++ + fname2 = f_name(file, fname + offset); + + if (verbose > 2) |