Displaying 2 results from an estimated 2 matches for "need_sort".
Did you mean:
need_root
2017 Oct 31
2
[Bug 13112] New: receive_xattr heap overread with non null terminated name and xattr filter
https://bugzilla.samba.org/show_bug.cgi?id=13112
Bug ID: 13112
Summary: receive_xattr heap overread with non null terminated
name and xattr filter
Product: rsync
Version: 3.1.3
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: core
2017 Oct 31
0
[Bug 13113] New: receive_xattr heap overflow when prepending RSYNC_PREFIX
...REFIX)) {
843 if (!am_root && !saw_xattr_filter) {
844 free(ptr);
845 continue;
846 }
847 name -= RPRE_LEN;
848 name_len += RPRE_LEN;
849 memcpy(name, RSYNC_PREFIX, RPRE_LEN);
850 need_sort = 1;
851 }
Since there wasn't any extra_len allocated name -= RPRE_LEN can point before
the buffer causing a heap overwrite.
The patch I've attached changes MIGHT_NEED_RPRE (am_root <= 0) since the only
time we might add a prefix is when we're not root.
ASan output:
==...