search for: send1extra

...DFD7: _realloc_array (util.c:1438) by 0x41EC36: expand_item_list (util.c:1690) by 0x43C3DE: rsync_xal_get (xattrs.c:268) by 0x43C602: get_xattr (xattrs.c:309) by 0x4076EF: send_file_name (flist.c:1433) by 0x40817D: send_directory (flist.c:1673) by 0x408991: send1extra (flist.c:1827) by 0x408D23: send_extra_file_list (flist.c:1899) by 0x417345: send_files (sender.c:184) by 0x42110A: client_run (main.c:1039) by 0x421B9B: start_client (main.c:1287) - There is another unrelated leak at much lower rate; 109 bytes in 39 blocks are d...

...QAContact: rsync-qa at samba.org There is a description of the issue in the bug report given in URL. What I found out is that most likely there is a bug in function f_name(). There is no string bounding checked when making a copy of a file path. That leads to buffer overflow in function send1extra() and possibly in other functions. Attaching a patch, which should be resolving this, but I'm not sure if I took the right approach. Please check it. -- Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the QA c...