Overview

File rsync-CVE-2024-12087_02.patch of Package rsync.38013

From b3e16be18d582dac1513c0a932d146b36e867b1b Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <andrew@tridgell.net>
Date: Tue, 26 Nov 2024 16:12:45 +1100
Subject: [PATCH 2/2] range check dir_ndx before use

---
 flist.c | 4 ++++
 1 file changed, 4 insertions(+)

Index: rsync-3.2.3/flist.c
===================================================================
--- rsync-3.2.3.orig/flist.c
+++ rsync-3.2.3/flist.c
@@ -2554,6 +2554,10 @@ struct file_list *recv_file_list(int f,
 #endif
 
 	if (inc_recurse && dir_ndx >= 0) {
+		if (dir_ndx >= dir_flist->used) {
+			rprintf(FERROR_XFER, "rsync: refusing invalid dir_ndx %u >= %u\n", dir_ndx, dir_flist->used);
+			exit_cleanup(RERR_PROTOCOL);
+		}
 		struct file_struct *file = dir_flist->files[dir_ndx];
 		if (file->flags & FLAG_GOT_DIR_FLIST) {
 			rprintf(FERROR_XFER, "rsync: refusing malicious duplicate flist for dir %d\n", dir_ndx);
openSUSE Build Service is sponsored by
Places