diff options
author | Dexuan Cui <dexuan.cui@intel.com> | 2011-05-10 10:34:41 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2011-05-10 09:29:09 +0100 |
commit | 3670f110aacebdde118b79d31aa15156330418c6 (patch) | |
tree | f771a00fd4603aec67f6720314f839c70052fafa /meta/recipes-devtools | |
parent | d0dc2b5bb02ef55a41e7a97b6831c72391ae7f36 (diff) | |
download | openembedded-core-3670f110aacebdde118b79d31aa15156330418c6.tar.gz openembedded-core-3670f110aacebdde118b79d31aa15156330418c6.tar.bz2 openembedded-core-3670f110aacebdde118b79d31aa15156330418c6.zip |
rsync (GPLv2): fix security vulnerability CVE-2007-4091
Added a patch to fix
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091
[YOCTO #984] is partially fixed by this commit.
Signed-off-by: Dexuan Cui <dexuan.cui@intel.com>
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r-- | meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch | 70 | ||||
-rw-r--r-- | meta/recipes-devtools/rsync/rsync_2.6.9.bb | 3 |
2 files changed, 72 insertions, 1 deletions
diff --git a/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch new file mode 100644 index 0000000000..f054452f37 --- /dev/null +++ b/meta/recipes-devtools/rsync/rsync-2.6.9/rsync-2.6.9-fname-obo.patch @@ -0,0 +1,70 @@ +Upstream-Status: Backport [ The patch is rsync-2.6.9 specific ] + +The patch is from https://issues.rpath.com/browse/RPL-1647 and is used to +address http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4091 + +Date: Tue May 10 10:07:36 2011 +0800 +Dexuan Cui <dexuan.cui@intel.com> + +diff --git a/sender.c b/sender.c +index 6fcaa65..053a8f1 100644 +--- a/sender.c ++++ b/sender.c +@@ -123,6 +123,7 @@ void successful_send(int ndx) + char fname[MAXPATHLEN]; + struct file_struct *file; + unsigned int offset; ++ size_t l = 0; + + if (ndx < 0 || ndx >= the_file_list->count) + return; +@@ -133,6 +134,20 @@ void successful_send(int ndx) + file->dir.root, "/", NULL); + } else + offset = 0; ++ ++ l = offset + 1; ++ if (file) { ++ if (file->dirname) ++ l += strlen(file->dirname); ++ if (file->basename) ++ l += strlen(file->basename); ++ } ++ ++ if (l >= sizeof(fname)) { ++ rprintf(FERROR, "Overlong pathname\n"); ++ exit_cleanup(RERR_FILESELECT); ++ } ++ + f_name(file, fname + offset); + if (remove_source_files) { + if (do_unlink(fname) == 0) { +@@ -224,6 +239,7 @@ void send_files(struct file_list *flist, int f_out, int f_in) + enum logcode log_code = log_before_transfer ? FLOG : FINFO; + int f_xfer = write_batch < 0 ? batch_fd : f_out; + int i, j; ++ size_t l = 0; + + if (verbose > 2) + rprintf(FINFO, "send_files starting\n"); +@@ -259,6 +275,20 @@ void send_files(struct file_list *flist, int f_out, int f_in) + fname[offset++] = '/'; + } else + offset = 0; ++ ++ l = offset + 1; ++ if (file) { ++ if (file->dirname) ++ l += strlen(file->dirname); ++ if (file->basename) ++ l += strlen(file->basename); ++ } ++ ++ if (l >= sizeof(fname)) { ++ rprintf(FERROR, "Overlong pathname\n"); ++ exit_cleanup(RERR_FILESELECT); ++ } ++ + fname2 = f_name(file, fname + offset); + + if (verbose > 2) diff --git a/meta/recipes-devtools/rsync/rsync_2.6.9.bb b/meta/recipes-devtools/rsync/rsync_2.6.9.bb index 43379829ea..17c18a4ad8 100644 --- a/meta/recipes-devtools/rsync/rsync_2.6.9.bb +++ b/meta/recipes-devtools/rsync/rsync_2.6.9.bb @@ -8,6 +8,7 @@ PRIORITY = "optional" DEPENDS = "popt" SRC_URI = "http://rsync.samba.org/ftp/rsync/src/rsync-${PV}.tar.gz \ + file://rsync-2.6.9-fname-obo.patch \ file://rsyncd.conf" inherit autotools @@ -22,4 +23,4 @@ EXTRA_OEMAKE='STRIP=""' LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=6d5a9d4c4d3af25cd68fd83e8a8cb09c" -PR = "r2" +PR = "r3" |