void-packages/srcpkgs/rsync/patches/CVE-2017-17434.patch

43 lines
1.6 KiB
Diff

X-Git-Url: https://git.samba.org/?p=rsync.git;a=blobdiff_plain;f=receiver.c;h=9c46242e013c4d447b17b00bbb705a96a5c92ed1;hp=9fdafa152cb38d0fa8191b14af5cfc49a06a185c;hb=5509597decdbd7b91994210f700329d8a35e70a1;hpb=70aeb5fddd1b2f8e143276f8d5a085db16c593b9
diff --git a/receiver.c b/receiver.c
index 9fdafa1..9c46242 100644
--- receiver.c
+++ receiver.c
@@ -722,7 +722,7 @@ int recv_files(int f_in, int f_out, char *local_name)
break;
}
if (!fnamecmp || (daemon_filter_list.head
- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0)) {
+ && check_filter(&daemon_filter_list, FLOG, fnamecmp, 0) < 0)) {
fnamecmp = fname;
fnamecmp_type = FNAMECMP_FNAME;
}
X-Git-Url: https://git.samba.org/?p=rsync.git;a=blobdiff_plain;f=rsync.c;h=a0945ba4e7f5a154854d12e16f193145d9d0b7b1;hp=b82e59881018a906ce91451674ee5e3e7c658a1e;hb=70aeb5fddd1b2f8e143276f8d5a085db16c593b9;hpb=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51
diff --git a/rsync.c b/rsync.c
index b82e598..a0945ba 100644
--- rsync.c
+++ rsync.c
@@ -49,6 +49,7 @@ extern int flist_eof;
extern int file_old_total;
extern int keep_dirlinks;
extern int make_backups;
+extern int sanitize_paths;
extern struct file_list *cur_flist, *first_flist, *dir_flist;
extern struct chmod_mode_struct *daemon_chmod_modes;
#ifdef ICONV_OPTION
@@ -396,6 +397,11 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr,
if (iflags & ITEM_XNAME_FOLLOWS) {
if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0)
exit_cleanup(RERR_PROTOCOL);
+
+ if (sanitize_paths) {
+ sanitize_path(buf, buf, "", 0, SP_DEFAULT);
+ len = strlen(buf);
+ }
} else {
*buf = '\0';
len = -1;