>-----Original Message-----
>From: openembedded-core-boun...@lists.openembedded.org
>[mailto:openembedded-core-boun...@lists.openembedded.org] On Behalf Of Saul
>Wold
>Sent: 2011年5月10日 13:02
>To: Patches and discussions about the oe-core layer
>Subject: Re: [OE-core] [PATCH 1/1] rsync (GPLv2): fix security vulnerability
>CVE-2007-4091
>
>On 05/09/2011 07:54 PM, Dexuan Cui wrote:
>> From: Dexuan Cui<dexuan....@intel.com>
>>
>> Added a patch to fix
>> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
>>
>This is missing a [YOCTO #bugid], please add and resend. (update branch
>is OK).

Saul,
        I don't think we can close this bug until the other two CVEs are 
specifically addressed as well.

Thanks,
Qing

>
>Sau!
>
>> Signed-off-by: Dexuan Cui<dexuan....@intel.com>
>> ---
>>   .../rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch  |   70
>++++++++++++++++++++
>>   meta/recipes-devtools/rsync/rsync_2.6.9.bb         |    3 +-
>>   2 files changed, 72 insertions(+), 1 deletions(-)
>>   create mode 100644
>meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch
>>
>> diff --git 
>> a/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch
>b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch
>> new file mode 100644
>> index 0000000..f054452
>> --- /dev/null
>> +++ b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch
>> @@ -0,0 +1,70 @@
>> +Upstream-Status: Backport [ The patch is rsync-2.6.9 specific ]
>> +
>> +The patch is from https://issues.rpath.com/browse/RPL-1647 and is used to
>> +address http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
>> +
>> +Date:   Tue May 10 10:07:36 2011 +0800
>> +Dexuan Cui<dexuan....@intel.com>
>> +
>> +diff --git a/sender.c b/sender.c
>> +index 6fcaa65..053a8f1 100644
>> +--- a/sender.c
>> ++++ b/sender.c
>> +@@ -123,6 +123,7 @@ void successful_send(int ndx)
>> +    char fname[MAXPATHLEN];
>> +    struct file_struct *file;
>> +    unsigned int offset;
>> ++   size_t l = 0;
>> +
>> +    if (ndx<  0 || ndx>= the_file_list->count)
>> +            return;
>> +@@ -133,6 +134,20 @@ void successful_send(int ndx)
>> +                                file->dir.root, "/", NULL);
>> +    } else
>> +            offset = 0;
>> ++
>> ++   l = offset + 1;
>> ++   if (file) {
>> ++           if (file->dirname)
>> ++                   l += strlen(file->dirname);
>> ++           if (file->basename)
>> ++                   l += strlen(file->basename);
>> ++   }
>> ++
>> ++   if (l>= sizeof(fname)) {
>> ++           rprintf(FERROR, "Overlong pathname\n");
>> ++           exit_cleanup(RERR_FILESELECT);
>> ++   }
>> ++
>> +    f_name(file, fname + offset);
>> +    if (remove_source_files) {
>> +            if (do_unlink(fname) == 0) {
>> +@@ -224,6 +239,7 @@ void send_files(struct file_list *flist, int f_out, int 
>> f_in)
>> +    enum logcode log_code = log_before_transfer ? FLOG : FINFO;
>> +    int f_xfer = write_batch<  0 ? batch_fd : f_out;
>> +    int i, j;
>> ++   size_t l = 0;
>> +
>> +    if (verbose>  2)
>> +            rprintf(FINFO, "send_files starting\n");
>> +@@ -259,6 +275,20 @@ void send_files(struct file_list *flist, int f_out, 
>> int f_in)
>> +                            fname[offset++] = '/';
>> +            } else
>> +                    offset = 0;
>> ++
>> ++           l = offset + 1;
>> ++           if (file) {
>> ++                   if (file->dirname)
>> ++                           l += strlen(file->dirname);
>> ++                   if (file->basename)
>> ++                           l += strlen(file->basename);
>> ++           }
>> ++
>> ++           if (l>= sizeof(fname)) {
>> ++                   rprintf(FERROR, "Overlong pathname\n");
>> ++                   exit_cleanup(RERR_FILESELECT);
>> ++           }
>> ++
>> +            fname2 = f_name(file, fname + offset);
>> +
>> +            if (verbose>  2)
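Review bot: The length check inserted before each `f_name(file, fname + offset)` call states its arithmetic as a bare `offset + 1`, and the same twelve lines are pasted verbatim into both successful_send and send_files; a comment plus one static helper would make the reasoning reviewable and keep the two copies from drifting. Assuming f_name writes dirname, a separator and basename into the buffer (its body is not in the hunk), the `+ 1` stands for the separator and `>=` reserves the terminating NUL, so a comment such as `/* offset + dirname + '/' + basename; '>=' keeps one byte for the NUL */` above the comparison would record that. Both enclosing functions start outside the hunk, so whether `file` can still be NULL at the `f_name` call — the new check guards its strlen calls against that, but the call itself is made regardless — cannot be confirmed from here. The patch header says Upstream-Status: Backport while citing an rPath issue rather than an rsync upstream commit; if the change was not taken from upstream rsync, a different status value may be the accurate one.
```c
/* Abort the transfer if offset + dirname + '/' + basename does not fit
 * in a bufsize-byte buffer with one byte left for the NUL. */
static void check_fname_len(const struct file_struct *file, unsigned int offset, size_t bufsize)
{
	size_t l = offset + 1;
	if (file) {
		if (file->dirname)
			l += strlen(file->dirname);
		if (file->basename)
			l += strlen(file->basename);
	}
	if (l >= bufsize) {
		rprintf(FERROR, "Overlong pathname\n");
		exit_cleanup(RERR_FILESELECT);
	}
}
/* … unchanged: successful_send prologue and offset computation … */
	check_fname_len(file, offset, sizeof(fname));
	f_name(file, fname + offset);
/* … unchanged: send_files loop up to the offset computation … */
		check_fname_len(file, offset, sizeof(fname));
		fname2 = f_name(file, fname + offset);
```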
>> diff --git a/meta/recipes-devtools/rsync/rsync_2.6.9.bb
>b/meta/recipes-devtools/rsync/rsync_2.6.9.bb
>> index 4337982..17c18a4 100644
>> --- a/meta/recipes-devtools/rsync/rsync_2.6.9.bb
>> +++ b/meta/recipes-devtools/rsync/rsync_2.6.9.bb
>> @@ -8,6 +8,7 @@ PRIORITY = "optional"
>>   DEPENDS = "popt"
>>
>>   SRC_URI = "http://rsync.samba.org/ftp/rsync/src/rsync-${PV}.tar.gz \
>> +           file://rsync-2.6.9-fname-obo.patch \
>>              file://rsyncd.conf"
>>
>>   inherit autotools
>> @@ -22,4 +23,4 @@ EXTRA_OEMAKE='STRIP=""'
>>   LICENSE = "GPLv2+"
>>   LIC_FILES_CHKSUM =
>"file://COPYING;md5=6d5a9d4c4d3af25cd68fd83e8a8cb09c"
>>
>> -PR = "r2"
>> +PR = "r3"
>