75a929547a
patches from upstream git: CVE-2017-16548: https: //git.samba.org/rsync.git/?p=rsync.git;a=commit;h=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1 CVE-2017-17433: https: //git.samba.org/?p=rsync.git;a=commit;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51 CVE-2017-17434: https: //git.samba.org/?p=rsync.git;a=commit;h=5509597decdbd7b91994210f700329d8a35e70a1 https: //git.samba.org/?p=rsync.git;a=commit;h=70aeb5fddd1b2f8e143276f8d5a085db16c593b9 Closes: #10141 [via git-merge-pr]
17 lines
766 B
Diff
17 lines
766 B
Diff
X-Git-Url: https://git.samba.org/rsync.git/?p=rsync.git;a=blobdiff_plain;f=xattrs.c;h=4867e6f5b8ad2934d43b06f3b99b7b3690a6dc7a;hp=68305d7559b34f5cc2f196b74429b82fa6ff49dd;hb=47a63d90e71d3e19e0e96052bb8c6b9cb140ecc1;hpb=bc112b0e7feece62ce98708092306639a8a53cce
|
|
|
|
diff --git a/xattrs.c b/xattrs.c
|
|
index 68305d7..4867e6f 100644
|
|
--- xattrs.c
|
|
+++ xattrs.c
|
|
@@ -824,6 +824,10 @@ void receive_xattr(int f, struct file_struct *file)
|
|
out_of_memory("receive_xattr");
|
|
name = ptr + dget_len + extra_len;
|
|
read_buf(f, name, name_len);
|
|
+ if (name_len < 1 || name[name_len-1] != '\0') {
|
|
+ rprintf(FERROR, "Invalid xattr name received (missing trailing \\0).\n");
|
|
+ exit_cleanup(RERR_FILEIO);
|
|
+ }
|
|
if (dget_len == datum_len)
|
|
read_buf(f, ptr, dget_len);
|
|
else {
|