The branch, master has been updated via 8a82fee Don't overflow an allocated dest buf when input path is empty. Fixes bug 13105. via 0350f95 Add an extra argc validation in do_server_sender(). Fixes bug 13104. from 9a480de Only allow a modern checksum method for passwords.
https://git.samba.org/?p=rsync.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 8a82feeb7cebcbba7826e861905af52582850459 Author: Wayne Davison <way...@samba.org> Date: Sun Oct 29 15:52:46 2017 -0700 Don't overflow an allocated dest buf when input path is empty. Fixes bug 13105. commit 0350f95e7bfd0fc6c444682f16e0c9af32874eac Author: Wayne Davison <way...@samba.org> Date: Sun Oct 29 15:22:22 2017 -0700 Add an extra argc validation in do_server_sender(). Fixes bug 13104. ----------------------------------------------------------------------- Summary of changes: main.c | 13 ++++++++----- util.c | 8 ++++---- 2 files changed, 12 insertions(+), 9 deletions(-) Changeset truncated at 500 lines: diff --git a/main.c b/main.c index 3908ccf..ec89667 100644 --- a/main.c +++ b/main.c @@ -783,7 +783,7 @@ static void read_final_goodbye(int f_in, int f_out) static void do_server_sender(int f_in, int f_out, int argc, char *argv[]) { struct file_list *flist; - char *dir = argv[0]; + char *dir; if (DEBUG_GTE(SEND, 1)) rprintf(FINFO, "server_sender starting pid=%d\n", (int)getpid()); @@ -791,16 +791,19 @@ static void do_server_sender(int f_in, int f_out, int argc, char *argv[]) if (am_daemon && lp_write_only(module_id)) { rprintf(FERROR, "ERROR: module is write only\n"); exit_cleanup(RERR_SYNTAX); - return; } if (am_daemon && read_only && remove_source_files) { rprintf(FERROR, - "ERROR: --remove-%s-files cannot be used with a read-only module\n", - remove_source_files == 1 ? "source" : "sent"); + "ERROR: --remove-%s-files cannot be used with a read-only module\n", + remove_source_files == 1 ? "source" : "sent"); + exit_cleanup(RERR_SYNTAX); + } + if (argc < 1) { + rprintf(FERROR, "ERROR: do_server_sender called without args\n"); exit_cleanup(RERR_SYNTAX); - return; } + dir = argv[0]; if (!relative_paths) { if (!change_dir(dir, CD_NORMAL)) { rsyserr(FERROR, errno, "change_dir#3 %s failed", diff --git a/util.c b/util.c index d50900c..f8f2de6 100644 --- a/util.c +++ b/util.c @@ -1009,7 +1009,7 @@ char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth, int rlen = 0, drop_dot_dirs = !relative_paths || !(flags & SP_KEEP_DOT_DIRS); if (dest != p) { - int plen = strlen(p); + int plen = strlen(p); /* the path len INCLUDING any separating slash */ if (*p == '/') { if (!rootdir) rootdir = module_dir; @@ -1020,11 +1020,11 @@ char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth, if (dest) { if (rlen + plen + 1 >= MAXPATHLEN) return NULL; - } else if (!(dest = new_array(char, rlen + plen + 1))) + } else if (!(dest = new_array(char, MAX(rlen + plen + 1, 2)))) out_of_memory("sanitize_path"); - if (rlen) { + if (rlen) { /* only true if p previously started with a slash */ memcpy(dest, rootdir, rlen); - if (rlen > 1) + if (rlen > 1) /* a rootdir of len 1 is "/", so this avoids a 2nd slash */ dest[rlen++] = '/'; } } -- The rsync repository. _______________________________________________ rsync-cvs mailing list rsync-cvs@lists.samba.org https://lists.samba.org/mailman/listinfo/rsync-cvs