DO NOT REPLY [Bug 7057] New: Buffer overflow when sending a file with long name

Fri Jan 22 15:05:20 MST 2010

https://bugzilla.samba.org/show_bug.cgi?id=7057

           Summary: Buffer overflow when sending a file with long name
           Product: rsync
           Version: 3.0.7
          Platform: All
               URL: https://bugzilla.redhat.com/show_bug.cgi?id=557916
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P3
         Component: core
        AssignedTo: wayned at samba.org
        ReportedBy: jzeleny at redhat.com
         QAContact: rsync-qa at samba.org

There is a description of the issue in the bug report given in URL. What I
found out is that most likely there is a bug in function f_name(). There is no
string bounding checked when making a copy of a file path. That leads to buffer
overflow in function send1extra() and possibly in other functions. Attaching a
patch, which should be resolving this, but I'm not sure if I took the right
approach. Please check it.

-- 
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.