pool/rsync
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1109241 from network

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1109241
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/rsync?expand=0&rev=84
This commit is contained in:
Ana Guerrero 2023-09-12 19:02:00 +00:00 committed by Git OBS Bridge
commit 8750e8df66
3 changed files with 79 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
fortified-strlcpy-fix.patch Normal file
View File

@ -0,0 +1,48 @@
From 1f83963f59960150e8c46112daa8411324c1f209 Mon Sep 17 00:00:00 2001
From: Jiri Slaby <jslaby@suse.cz>
Date: Fri, 18 Aug 2023 08:26:20 +0200
Subject: [PATCH] exclude: fix crashes with fortified strlcpy()
Fortified (-D_FORTIFY_SOURCE=2 for gcc) builds make strlcpy() crash when
its third parameter (size) is larger than the buffer:
$ rsync -FFXHav '--filter=merge global-rsync-filter' Align-37-43/ xxx
sending incremental file list
*** buffer overflow detected ***: terminated
It's in the exclude code in setup_merge_file():
strlcpy(y, save, MAXPATHLEN);
Note the 'y' pointer was incremented, so it no longer points to memory
with MAXPATHLEN "owned" bytes.
Fix it by remembering the number of copied bytes into the 'save' buffer
and use that instead of MAXPATHLEN which is clearly incorrect.
Fixes #511.
---
exclude.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/exclude.c b/exclude.c
index ffe55b167..1a5de3b9e 100644
--- a/exclude.c
+++ b/exclude.c
@@ -720,7 +720,8 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex,
parent_dirscan = True;
while (*y) {
char save[MAXPATHLEN];
- strlcpy(save, y, MAXPATHLEN);
+ /* copylen is strlen(y) which is < MAXPATHLEN. +1 for \0 */
+ size_t copylen = strlcpy(save, y, MAXPATHLEN) + 1;
*y = '\0';
dirbuf_len = y - dirbuf;
strlcpy(x, ex->pattern, MAXPATHLEN - (x - buf));
@@ -734,7 +735,7 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex,
lp->head = NULL;
}
lp->tail = NULL;
- strlcpy(y, save, MAXPATHLEN);
+ strlcpy(y, save, copylen);
while ((*x++ = *y++) != '/') {}
}
parent_dirscan = False;

17
rsync.changes
View File

@ -1,3 +1,20 @@
-------------------------------------------------------------------
Wed Sep 6 09:19:36 UTC 2023 - Thorsten Kukuk <kukuk@suse.com>
- Use "slp" for bcond, not "openslp", like we use for all other
packages, too.
- Disable slp patch and configure option if bcond slp is disabled.
-------------------------------------------------------------------
Tue Sep 5 12:07:57 UTC 2023 - Dirk Müller <dmueller@suse.com>
- add fortified-strlcpy-fix.patch (bsc#1214616)
-------------------------------------------------------------------
Tue Sep 5 11:11:04 UTC 2023 - Fabian Vogt <fvogt@suse.com>
- Disable openslp support on new distros (bsc#1214884)
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Jul 26 15:07:23 UTC 2023 - Antonio Teixeira <antonio.teixeira@suse.com> Wed Jul 26 15:07:23 UTC 2023 - Antonio Teixeira <antonio.teixeira@suse.com>

15
rsync.spec
View File

@ -28,6 +28,12 @@
%bcond_with gcc11 %bcond_with gcc11
%endif %endif
%if 0%{?suse_version} < 1600
%bcond_without slp
%else
%bcond_with slp
%endif
Name: rsync Name: rsync
Version: 3.2.7 Version: 3.2.7
Release: 0 Release: 0
@ -49,13 +55,13 @@ Source11: https://rsync.samba.org/ftp/rsync/src/rsync-patches-%{version}.t
Source12: %{name}.keyring Source12: %{name}.keyring
Source13: rsyncd Source13: rsyncd
Patch0: rsync-no-libattr.patch Patch0: rsync-no-libattr.patch
Patch1: fortified-strlcpy-fix.patch
BuildRequires: autoconf BuildRequires: autoconf
BuildRequires: automake BuildRequires: automake
BuildRequires: c++_compiler BuildRequires: c++_compiler
BuildRequires: libacl-devel BuildRequires: libacl-devel
BuildRequires: liblz4-devel BuildRequires: liblz4-devel
BuildRequires: libzstd-devel BuildRequires: libzstd-devel
BuildRequires: openslp-devel
BuildRequires: pkgconfig BuildRequires: pkgconfig
BuildRequires: popt-devel BuildRequires: popt-devel
BuildRequires: systemd-rpm-macros BuildRequires: systemd-rpm-macros
@ -66,6 +72,9 @@ BuildRequires: pkgconfig(libxxhash) >= 0.8.0
%if %{with gcc11} %if %{with gcc11}
BuildRequires: gcc11-c++ BuildRequires: gcc11-c++
%endif %endif
%if %{with slp}
BuildRequires: openslp-devel
%endif
BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(openssl)
Requires(post): grep Requires(post): grep
Requires(post): sed Requires(post): sed
@ -85,7 +94,9 @@ for backups and mirroring and as an improved copy command for everyday use.
%setup -q -b 1 %setup -q -b 1
rm -f zlib/*.h zlib/*.c rm -f zlib/*.h zlib/*.c
%if %{with slp}
patch -p1 < patches/slp.diff patch -p1 < patches/slp.diff
%endif
%autopatch -p1 %autopatch -p1
@ -108,7 +119,9 @@ export LDFLAGS="-Wl,-z,relro,-z,now -fPIE -pie"
%ifarch x86_64 %ifarch x86_64
--enable-simd \ --enable-simd \
%endif %endif
%if %{with slp}
--enable-slp \ --enable-slp \
%endif
--enable-acl-support \ --enable-acl-support \
--enable-xattr-support --enable-xattr-support
%make_build reconfigure %make_build reconfigure