forked from NixOS/nixpkgs
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
rsync: fix regression with _FORTIFY_SOURCE=2
See RsyncProject/rsync#511 for details. Not using fetchpatch, because I didn't found a raw link for opensuse's repository
- Loading branch information
Showing
2 changed files
with
55 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
49 changes: 49 additions & 0 deletions
49
pkgs/applications/networking/sync/rsync/rsync-fortified-strlcpy-fix.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| From 1f83963f59960150e8c46112daa8411324c1f209 Mon Sep 17 00:00:00 2001 | ||
| From: Jiri Slaby <[email protected]> | ||
| Date: Fri, 18 Aug 2023 08:26:20 +0200 | ||
| Subject: [PATCH] exclude: fix crashes with fortified strlcpy() | ||
|
|
||
| Fortified (-D_FORTIFY_SOURCE=2 for gcc) builds make strlcpy() crash when | ||
| its third parameter (size) is larger than the buffer: | ||
| $ rsync -FFXHav '--filter=merge global-rsync-filter' Align-37-43/ xxx | ||
| sending incremental file list | ||
| *** buffer overflow detected ***: terminated | ||
|
|
||
| It's in the exclude code in setup_merge_file(): | ||
| strlcpy(y, save, MAXPATHLEN); | ||
|
|
||
| Note the 'y' pointer was incremented, so it no longer points to memory | ||
| with MAXPATHLEN "owned" bytes. | ||
|
|
||
| Fix it by remembering the number of copied bytes into the 'save' buffer | ||
| and use that instead of MAXPATHLEN which is clearly incorrect. | ||
|
|
||
| Fixes #511. | ||
| --- | ||
| exclude.c | 5 +++-- | ||
| 1 file changed, 3 insertions(+), 2 deletions(-) | ||
|
|
||
| diff --git a/exclude.c b/exclude.c | ||
| index ffe55b167..1a5de3b9e 100644 | ||
| --- a/exclude.c | ||
| +++ b/exclude.c | ||
| @@ -720,7 +720,8 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex, | ||
| parent_dirscan = True; | ||
| while (*y) { | ||
| char save[MAXPATHLEN]; | ||
| - strlcpy(save, y, MAXPATHLEN); | ||
| + /* copylen is strlen(y) which is < MAXPATHLEN. +1 for \0 */ | ||
| + size_t copylen = strlcpy(save, y, MAXPATHLEN) + 1; | ||
| *y = '\0'; | ||
| dirbuf_len = y - dirbuf; | ||
| strlcpy(x, ex->pattern, MAXPATHLEN - (x - buf)); | ||
| @@ -734,7 +735,7 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex, | ||
| lp->head = NULL; | ||
| } | ||
| lp->tail = NULL; | ||
| - strlcpy(y, save, MAXPATHLEN); | ||
| + strlcpy(y, save, copylen); | ||
| while ((*x++ = *y++) != '/') {} | ||
| } | ||
| parent_dirscan = False; | ||
|
|