librsync and rsync vulnerability to maliciously crafted data. was Re: MD4 checksum_seed

Donovan Baarda abo at
Thu Apr 8 10:30:37 GMT 2004


From: "Eran Tromer" <rsync2eran at>
> > librsync needs a whole file checksum. Without it, it silently fails for
> > case 1), 3), and 4).
> >
> > librsync could benefit from a random checksum_seed. It would need to be
> > included in the signature. Without it librsync is vulnerable to cases 1)
> > and 3).
> [snip]
> > rsync shouldn't need a fixed seed for batch modes... just store the seed
> > in the signature. using a fixed seed makes it vulnerable to 1) and 3).
> I fully agree with your analysis.
> I'll just note that in many situations, case 2 can be elevated to case 3
> simply by transferring the file twice.

Yeah... did you see my followup post about the posiblity of using the
whole-file checksum as the checksum_seed for the blocksums? I think it would
be a good idea for librsync. It does require a double-parse to generate the
signature, but is otherwise quite nice.

Donovan Baarda      

More information about the rsync mailing list