DO NOT REPLY [Bug 5235] New: buffer overflow in receive_file_entry

Thu Jan 31 10:53:41 GMT 2008

https://bugzilla.samba.org/show_bug.cgi?id=5235

           Summary: buffer overflow in receive_file_entry
           Product: rsync
           Version: 2.6.9
          Platform: Other
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: core
        AssignedTo: wayned at samba.org
        ReportedBy: rsync at ofdan.co.uk
         QAContact: rsync-qa at samba.org

ERROR: buffer overflow in receive_file_entry
rsync error: error allocating core memory buffers (code 22) at util.c(126)

I also found a similiar error using google.com here..
http://lists.samba.org/archive/rsync/2005-April/012104.html

I have tested 2.6.6 and 2.6.8

This fix is for 2.6.8
The changes I have made to fix my error were in 

flist.c (489.c)

static struct file_struct *receive_file_entry(struct file_list *flist, unsigned
short flags, int f)

I changed the following lines:

        static char lastname[MAXPATHLEN], *lastdir;
        char thisname[MAXPATHLEN];

        if (l2 >= MAXPATHLEN - l1) {

to:

        static char lastname[BIGPATHBUFLEN], *lastdir;
        char thisname[BIGPATHBUFLEN];

        if (l2 >= BIGPATHBUFLEN - l1) {

I haven't done full debugged this, but it compiles and runs, and does what I
want so far.

The cause for this, was very long file names.

-- 
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.