[SCM] The rsync repository. - branch master updated

Sun Oct 29 22:56:20 UTC 2017

The branch, master has been updated
       via  8a82fee Don't overflow an allocated dest buf when input path is empty. Fixes bug 13105.
       via  0350f95 Add an extra argc validation in do_server_sender(). Fixes bug 13104.
      from  9a480de Only allow a modern checksum method for passwords.

https://git.samba.org/?p=rsync.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 8a82feeb7cebcbba7826e861905af52582850459
Author: Wayne Davison <wayned at samba.org>
Date:   Sun Oct 29 15:52:46 2017 -0700

    Don't overflow an allocated dest buf when input path is empty.
    Fixes bug 13105.

commit 0350f95e7bfd0fc6c444682f16e0c9af32874eac
Author: Wayne Davison <wayned at samba.org>
Date:   Sun Oct 29 15:22:22 2017 -0700

    Add an extra argc validation in do_server_sender().
    Fixes bug 13104.

-----------------------------------------------------------------------

Summary of changes:
 main.c | 13 ++++++++-----
 util.c |  8 ++++----
 2 files changed, 12 insertions(+), 9 deletions(-)


Changeset truncated at 500 lines:

diff --git a/main.c b/main.c
index 3908ccf..ec89667 100644
--- a/main.c
+++ b/main.c
@@ -783,7 +783,7 @@ static void read_final_goodbye(int f_in, int f_out)
 static void do_server_sender(int f_in, int f_out, int argc, char *argv[])
 {
 	struct file_list *flist;
-	char *dir = argv[0];
+	char *dir;
 
 	if (DEBUG_GTE(SEND, 1))
 		rprintf(FINFO, "server_sender starting pid=%d\n", (int)getpid());
@@ -791,16 +791,19 @@ static void do_server_sender(int f_in, int f_out, int argc, char *argv[])
 	if (am_daemon && lp_write_only(module_id)) {
 		rprintf(FERROR, "ERROR: module is write only\n");
 		exit_cleanup(RERR_SYNTAX);
-		return;
 	}
 	if (am_daemon && read_only && remove_source_files) {
 		rprintf(FERROR,
-		    "ERROR: --remove-%s-files cannot be used with a read-only module\n",
-		    remove_source_files == 1 ? "source" : "sent");
+			"ERROR: --remove-%s-files cannot be used with a read-only module\n",
+			remove_source_files == 1 ? "source" : "sent");
+		exit_cleanup(RERR_SYNTAX);
+	}
+	if (argc < 1) {
+		rprintf(FERROR, "ERROR: do_server_sender called without args\n");
 		exit_cleanup(RERR_SYNTAX);
-		return;
 	}
 
+	dir = argv[0];
 	if (!relative_paths) {
 		if (!change_dir(dir, CD_NORMAL)) {
 			rsyserr(FERROR, errno, "change_dir#3 %s failed",
diff --git a/util.c b/util.c
index d50900c..f8f2de6 100644
--- a/util.c
+++ b/util.c
@@ -1009,7 +1009,7 @@ char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth,
 	int rlen = 0, drop_dot_dirs = !relative_paths || !(flags & SP_KEEP_DOT_DIRS);
 
 	if (dest != p) {
-		int plen = strlen(p);
+		int plen = strlen(p); /* the path len INCLUDING any separating slash */
 		if (*p == '/') {
 			if (!rootdir)
 				rootdir = module_dir;
@@ -1020,11 +1020,11 @@ char *sanitize_path(char *dest, const char *p, const char *rootdir, int depth,
 		if (dest) {
 			if (rlen + plen + 1 >= MAXPATHLEN)
 				return NULL;
-		} else if (!(dest = new_array(char, rlen + plen + 1)))
+		} else if (!(dest = new_array(char, MAX(rlen + plen + 1, 2))))
 			out_of_memory("sanitize_path");
-		if (rlen) {
+		if (rlen) { /* only true if p previously started with a slash */
 			memcpy(dest, rootdir, rlen);
-			if (rlen > 1)
+			if (rlen > 1) /* a rootdir of len 1 is "/", so this avoids a 2nd slash */
 				dest[rlen++] = '/';
 		}
 	}


-- 
The rsync repository.

