[Bug 8654] link-by-hash: Fix (non-exploitable) buffer overflow

samba-bugs at samba.org samba-bugs at samba.org
Thu Dec 15 20:11:57 MST 2011


Wayne Davison <wayned at samba.org> changed:

           What    |Removed                     |Added
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #10 from Wayne Davison <wayned at samba.org> 2011-12-16 03:11:55 UTC ---
Thanks for pointing out the various problems with the patch, and providing some
suggested fixes.

I made several changes:

- I changed the code to use the file's MD5 checksum when talking to a modern
rsync (3.0.0 and newer).  This means one less checksum to compute, and most
people don't use an rsync older than 3.x these days.  It does allow the use of
an MD4 checksum for supporting an older sender, but it requires the user to
force this mode using --checksum-seed=1 --protocol=29 (which will make the
old-style MD4 checksums consistent).  The documentation recommends using one or
the other -- obviously using both would waste space.  This change is
incompatible with an old directory setup, but someone could convert the link
hierarchy via a simple script.

- I unified the checksum's conversion to hex in a single function that log.c
and linkhash.c use.  I don't like the use of sprintf() in a loop, so the code
continues to do its own hex conversion, just with better size checking.

- I included your daemon setting support, your manpage additions, your
static-function tweaks, and hopefully covered all the issues you found.

- I made the hashlinks.c routines less chatty by putting the output into a new
--debug=hashlink option.

You can see the latest version of the patch via gitweb:



Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

More information about the rsync mailing list