DO NOT REPLY [Bug 7057] New: Buffer overflow when sending a file with long name
samba-bugs at samba.org
samba-bugs at samba.org
Fri Jan 22 15:05:20 MST 2010
https://bugzilla.samba.org/show_bug.cgi?id=7057
Summary: Buffer overflow when sending a file with long name
Product: rsync
Version: 3.0.7
Platform: All
URL: https://bugzilla.redhat.com/show_bug.cgi?id=557916
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P3
Component: core
AssignedTo: wayned at samba.org
ReportedBy: jzeleny at redhat.com
QAContact: rsync-qa at samba.org
There is a description of the issue in the bug report given in URL. What I
found out is that most likely there is a bug in function f_name(). There is no
string bounding checked when making a copy of a file path. That leads to buffer
overflow in function send1extra() and possibly in other functions. Attaching a
patch, which should be resolving this, but I'm not sure if I took the right
approach. Please check it.
--
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the rsync
mailing list