The branch, master has been updated
       via  079e74a3 Some year updates.
       via  abc3c746 Mention latest changes in NEWS.
       via  99ab5946 exclude: fix crashes with fortified strlcpy()
      from  a47ae6fa typo in rsyncd.conf.5.md
https://git.samba.org/?p=rsync.git;a=shortlog;h=master

- Log -----------------------------------------------------------------
commit 079e74a30f3615ccd70864621dab6d8df0ae0122
Author: Wayne Davison <wa...@opencoder.net>
Date:   Sat Apr 6 09:21:44 2024 -0700

    Some year updates.

commit abc3c746527bb030db37010e03ef574ddc47fe36
Author: Wayne Davison <wa...@opencoder.net>
Date:   Sat Apr 6 09:17:16 2024 -0700

    Mention latest changes in NEWS.

commit 99ab59464bf44f18d668e373bc3d0f65190b87ac
Author: Jiri Slaby <jsl...@suse.cz>
Date:   Fri Aug 18 08:26:20 2023 +0200

    exclude: fix crashes with fortified strlcpy()

    Fortified (-D_FORTIFY_SOURCE=2 for gcc) builds make strlcpy() crash when
    its third parameter (size) is larger than the buffer:

      $ rsync -FFXHav '--filter=merge global-rsync-filter' Align-37-43/ xxx
      sending incremental file list
      *** buffer overflow detected ***: terminated

    It's in the exclude code in setup_merge_file():

      strlcpy(y, save, MAXPATHLEN);

    Note the 'y' pointer was incremented, so it no longer points to memory
    with MAXPATHLEN "owned" bytes.

    Fix it by remembering the number of copied bytes into the 'save' buffer
    and use that instead of MAXPATHLEN which is clearly incorrect.

    Fixes #511.

-----------------------------------------------------------------------

Summary of changes:
 NEWS.md       | 7 +++++++
 delete.c      | 2 +-
 exclude.c     | 5 +++--
 latest-year.h | 2 +-
 util2.c       | 2 +-
 5 files changed, 13 insertions(+), 5 deletions(-)

Changeset truncated at 500 lines:

diff --git a/NEWS.md b/NEWS.md index ca60c32c..da1e1852 100644 --- a/NEWS.md +++ b/NEWS.md 
@@ -10,6 +10,11 @@ - Fixed an buffer overflow in the checksum2 code if SHA1 is being used for the checksum2 algorithm. +- Fixed an issue when rsync is compiled using `_FORTIFY_SOURCE` so that the + extra tests don't complain about a strlcpy() limit value (which was too + large, even though it wasn't possible for the larger value to cause an + overflow). + - Add a backtick to the list of characters that the filename quoting needs to escape using backslashes. @@ -49,6 +54,8 @@ - Changed the mapfrom & mapto perl scripts (in the support dir) into a single python script named idmap. Converted a couple more perl scripts into python. +- Changed the mnt-excl perl script (in the support dir) into a python script. + ### DEVELOPER RELATED: - Updated config.guess (timestamp 2023-01-01) and config.sub (timestamp diff --git a/delete.c b/delete.c index 80766164..dcb6a9af 100644 --- a/delete.c +++ b/delete.c @@ -4,7 +4,7 @@ * Copyright (C) 1996-2000 Andrew Tridgell * Copyright (C) 1996 Paul Mackerras * Copyright (C) 2002 Martin Pool <m...@samba.org> - * Copyright (C) 2003-2020 Wayne Davison + * Copyright (C) 2003-2023 Wayne Davison * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/exclude.c b/exclude.c index ffe55b16..1a5de3b9 100644 --- a/exclude.c +++ b/exclude.c @@ -720,7 +720,8 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex, parent_dirscan = True; while (*y) { char save[MAXPATHLEN]; - strlcpy(save, y, MAXPATHLEN); + /* copylen is strlen(y) which is < MAXPATHLEN. +1 for \0 */ + size_t copylen = strlcpy(save, y, MAXPATHLEN) + 1; *y = '\0'; dirbuf_len = y - dirbuf; strlcpy(x, ex->pattern, MAXPATHLEN - (x - buf)); @@ -734,7 +735,7 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex, lp->head = NULL; } lp->tail = NULL; - strlcpy(y, save, MAXPATHLEN); + strlcpy(y, save, copylen); while ((*x++ = *y++) != '/') {} } parent_dirscan = False; 
diff --git a/latest-year.h b/latest-year.h index 0dcf3464..f978fb8b 100644 --- a/latest-year.h +++ b/latest-year.h @@ -1 +1 @@ -#define LATEST_YEAR "2023" +#define LATEST_YEAR "2024" diff --git a/util2.c b/util2.c index 3b5a8f41..e398340e 100644 --- a/util2.c +++ b/util2.c @@ -4,7 +4,7 @@ * Copyright (C) 1996-2000 Andrew Tridgell * Copyright (C) 1996 Paul Mackerras * Copyright (C) 2001, 2002 Martin Pool <m...@samba.org> - * Copyright (C) 2003-2020 Wayne Davison + * Copyright (C) 2003-2023 Wayne Davison * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by -- The rsync repository. _______________________________________________ rsync-cvs mailing list rsync-cvs@lists.samba.org https://lists.samba.org/mailman/listinfo/rsync-cvs
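
Review bot: in the exclude.c hunk at -720, copylen is only a valid bound while the first strlcpy() into save does not truncate. strlcpy() returns the length of the source string, not the number of bytes stored, so if y ever held MAXPATHLEN or more bytes the value "strlcpy(save, y, MAXPATHLEN) + 1" would be larger than sizeof save. The new comment states the invariant (strlen(y) < MAXPATHLEN) but nothing enforces it. Consider checking the return value against MAXPATHLEN and bailing out, or clamping copylen to sizeof save, so the later restore does not depend on a comment staying true.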
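
Review bot: in the exclude.c hunk at -734, "strlcpy(y, save, copylen)" passes the length of the source as the size argument, where a reader expects the capacity of the destination. It is safe here only because copylen is exactly the number of bytes that were at y before "*y = '\0'", and that reasoning is not visible at the call site. A one-line comment next to this call would help. Alternatively, since the length is known and already includes the terminator, memcpy(y, save, copylen) states the intent directly and keeps fortified builds checking a bound that matches what is written.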