diff options
author | Marius Bakke <mbakke@fastmail.com> | 2017-12-19 01:42:40 +0100 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2017-12-19 01:42:40 +0100 |
commit | 32cd878be0bb7e153fcaa6f3bfa2632867390ff9 (patch) | |
tree | fc1ff93949817c9d172c84d0410ac9225cad57ae /gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch | |
parent | 753425610274ccb59cce13490c096027c61621d0 (diff) | |
parent | 98bd11cfe7b931e9c6d6bf002a8a225fb7a1025b (diff) | |
download | guix-patches-32cd878be0bb7e153fcaa6f3bfa2632867390ff9.tar guix-patches-32cd878be0bb7e153fcaa6f3bfa2632867390ff9.tar.gz |
Merge branch 'master' into core-updates
Diffstat (limited to 'gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch')
-rw-r--r-- | gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch b/gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch new file mode 100644 index 0000000000..fad19d01fb --- /dev/null +++ b/gnu/packages/patches/rsync-CVE-2017-17434-pt2.patch @@ -0,0 +1,39 @@ +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17434 +https://git.samba.org/?p=rsync.git;a=patch;h=70aeb5fddd1b2f8e143276f8d5a085db16c593b9 + +From 70aeb5fddd1b2f8e143276f8d5a085db16c593b9 Mon Sep 17 00:00:00 2001 +From: Jeriko One <jeriko.one@gmx.us> +Date: Thu, 16 Nov 2017 17:05:42 -0800 +Subject: [PATCH] Sanitize xname in read_ndx_and_attrs. + +--- + rsync.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/rsync.c b/rsync.c +index b82e598..a0945ba 100644 +--- a/rsync.c ++++ b/rsync.c +@@ -49,6 +49,7 @@ extern int flist_eof; + extern int file_old_total; + extern int keep_dirlinks; + extern int make_backups; ++extern int sanitize_paths; + extern struct file_list *cur_flist, *first_flist, *dir_flist; + extern struct chmod_mode_struct *daemon_chmod_modes; + #ifdef ICONV_OPTION +@@ -396,6 +397,11 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr, + if (iflags & ITEM_XNAME_FOLLOWS) { + if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0) + exit_cleanup(RERR_PROTOCOL); ++ ++ if (sanitize_paths) { ++ sanitize_path(buf, buf, "", 0, SP_DEFAULT); ++ len = strlen(buf); ++ } + } else { + *buf = '\0'; + len = -1; +-- +1.9.1 + |