void-packages/srcpkgs/rsync/patches/CVE-2017-17434.patch

X-Git-Url: https://git.samba.org/?p=rsync.git;a=blobdiff_plain;f=receiver.c;h=9c46242e013c4d447b17b00bbb705a96a5c92ed1;hp=9fdafa152cb38d0fa8191b14af5cfc49a06a185c;hb=5509597decdbd7b91994210f700329d8a35e70a1;hpb=70aeb5fddd1b2f8e143276f8d5a085db16c593b9

diff --git a/receiver.c b/receiver.c
index 9fdafa1..9c46242 100644
--- receiver.c
+++ receiver.c
@@ -722,7 +722,7 @@ int recv_files(int f_in, int f_out, char *local_name)
 				break;
 			}
 			if (!fnamecmp || (daemon_filter_list.head
-			  && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0)) {
+			  && check_filter(&daemon_filter_list, FLOG, fnamecmp, 0) < 0)) {
 				fnamecmp = fname;
 				fnamecmp_type = FNAMECMP_FNAME;
 			}

X-Git-Url: https://git.samba.org/?p=rsync.git;a=blobdiff_plain;f=rsync.c;h=a0945ba4e7f5a154854d12e16f193145d9d0b7b1;hp=b82e59881018a906ce91451674ee5e3e7c658a1e;hb=70aeb5fddd1b2f8e143276f8d5a085db16c593b9;hpb=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51

diff --git a/rsync.c b/rsync.c
index b82e598..a0945ba 100644
--- rsync.c
+++ rsync.c
@@ -49,6 +49,7 @@ extern int flist_eof;
 extern int file_old_total;
 extern int keep_dirlinks;
 extern int make_backups;
+extern int sanitize_paths;
 extern struct file_list *cur_flist, *first_flist, *dir_flist;
 extern struct chmod_mode_struct *daemon_chmod_modes;
 #ifdef ICONV_OPTION
@@ -396,6 +397,11 @@ int read_ndx_and_attrs(int f_in, int f_out, int *iflag_ptr, uchar *type_ptr,
 	if (iflags & ITEM_XNAME_FOLLOWS) {
 		if ((len = read_vstring(f_in, buf, MAXPATHLEN)) < 0)
 			exit_cleanup(RERR_PROTOCOL);
+
+		if (sanitize_paths) {
+			sanitize_path(buf, buf, "", 0, SP_DEFAULT);
+			len = strlen(buf);
+		}
 	} else {
 		*buf = '\0';
 		len = -1;