head 1.27; access; symbols OPENPKG_E1_MP_HEAD:1.23 OPENPKG_E1_MP:1.23 OPENPKG_E1_MP_2_STABLE:1.22 OPENPKG_E1_FP:1.22 OPENPKG_2_STABLE_MP:1.23 OPENPKG_2_STABLE_20061018:1.22 OPENPKG_2_STABLE_20060622:1.22 OPENPKG_2_STABLE:1.22.0.2 OPENPKG_2_STABLE_BP:1.22 OPENPKG_2_5_RELEASE:1.18 OPENPKG_2_5_SOLID:1.18.0.2 OPENPKG_2_5_SOLID_BP:1.18 OPENPKG_2_4_RELEASE:1.17 OPENPKG_2_4_SOLID:1.17.0.2 OPENPKG_2_4_SOLID_BP:1.17 OPENPKG_CW_FP:1.16 OPENPKG_2_3_RELEASE:1.14 OPENPKG_2_3_SOLID:1.14.0.2 OPENPKG_2_3_SOLID_BP:1.14 OPENPKG_2_2_RELEASE:1.11 OPENPKG_2_2_SOLID:1.11.0.2 OPENPKG_2_2_SOLID_BP:1.11 OPENPKG_2_1_RELEASE:1.9 OPENPKG_2_1_SOLID:1.9.0.2 OPENPKG_2_1_SOLID_BP:1.9 OPENPKG_2_0_RELEASE:1.5 OPENPKG_2_0_SOLID:1.5.0.2 OPENPKG_2_0_SOLID_BP:1.5 OPENPKG_1_3_RELEASE:1.3.2.1 OPENPKG_1_3_SOLID:1.3.2.1.0.2 OPENPKG_1_3_SOLID_BP:1.3.2.1 OPENPKG_1_STABLE_MP:1.4 OPENPKG_1_2_RELEASE:1.3 OPENPKG_1_2_SOLID:1.3.0.4 OPENPKG_1_2_SOLID_BP:1.3 OPENPKG_1_STABLE:1.3.0.2 OPENPKG_1_STABLE_BP:1.3 OPENPKG_1_1_RELEASE:1.2 OPENPKG_1_1_SOLID:1.2.0.2 OPENPKG_1_1_SOLID_BP:1.2; locks; strict; comment @# @; 1.27 date 2008.12.29.08.08.56; author rse; state Exp; branches; next 1.26; commitid DTiYFmh7XCMQUkwt; 1.26 date 2008.03.12.16.26.11; author rse; state Exp; branches; next 1.25; commitid vVwbpHbv7Fbm3RUs; 1.25 date 2008.03.02.19.52.48; author rse; state Exp; branches; next 1.24; commitid 135nqBW3jr3bwATs; 1.24 date 2007.08.18.18.50.39; author cs; state Exp; branches; next 1.23; commitid TOUemYUe9Fisvgus; 1.23 date 2006.11.08.08.36.12; author rse; state Exp; branches; next 1.22; commitid iwBcSJT5XJvEcQTr; 1.22 date 2006.05.30.18.34.03; author rse; state Exp; branches 1.22.2.1; next 1.21; commitid RQN5BXoFWbcBI4zr; 1.21 date 2006.04.22.18.39.07; author rse; state Exp; branches; next 1.20; commitid vIwZxZCD1Yj4Ybur; 1.20 date 2006.04.04.07.31.03; author rse; state Exp; branches; next 1.19; commitid vQwoamms8X0KQOrr; 1.19 date 2006.03.12.09.09.44; author rse; state Exp; branches; next 1.18; commitid EjRNiv4q5ZDr8Sor; 1.18 date 2005.07.29.07.39.18; author rse; state Exp; branches; next 1.17; 1.17 date 2005.06.13.18.16.46; author rse; state Exp; branches; next 1.16; 1.16 date 2005.03.04.11.05.48; author rse; state Exp; branches; next 1.15; 1.15 date 2005.03.04.10.09.34; author rse; state Exp; branches; next 1.14; 1.14 date 2005.01.02.16.35.00; author rse; state Exp; branches; next 1.13; 1.13 date 2005.01.02.16.15.06; author rse; state Exp; branches; next 1.12; 1.12 date 2005.01.02.12.19.27; author rse; state Exp; branches; next 1.11; 1.11 date 2004.10.01.07.37.54; author rse; state Exp; branches; next 1.10; 1.10 date 2004.08.15.09.53.21; author rse; state Exp; branches; next 1.9; 1.9 date 2004.05.03.14.13.25; author rse; state Exp; branches 1.9.2.1; next 1.8; 1.8 date 2004.05.01.06.56.19; author rse; state Exp; branches; next 1.7; 1.7 date 2004.04.30.11.05.11; author rse; state Exp; branches; next 1.6; 1.6 date 2004.04.29.15.27.25; author rse; state Exp; branches; next 1.5; 1.5 date 2004.01.01.19.17.57; author rse; state Exp; branches 1.5.2.1; next 1.4; 1.4 date 2003.01.28.09.06.20; author rse; state Exp; branches; next 1.3; 1.3 date 2002.12.27.09.29.17; author rse; state Exp; branches 1.3.2.1 1.3.4.1; next 1.2; 1.2 date 2002.06.11.13.54.49; author rse; state Exp; branches; next 1.1; 1.1 date 2002.04.23.11.54.26; author rse; state Exp; branches; next ; 1.22.2.1 date 2006.12.21.18.42.09; author thl; state Exp; branches; next ; commitid Fh5aLL1Uk6dOaqZr; 1.9.2.1 date 2004.08.15.09.56.35; author rse; state Exp; branches; next ; 1.5.2.1 date 2004.05.21.16.05.43; author thl; state Exp; branches; next 1.5.2.2; 1.5.2.2 date 2004.08.15.10.00.32; author rse; state Exp; branches; next ; 1.3.2.1 date 2003.07.24.20.42.05; author rse; state Exp; branches 1.3.2.1.2.1; next ; 1.3.2.1.2.1 date 2003.12.04.15.41.42; author thl; state Exp; branches; next 1.3.2.1.2.2; 1.3.2.1.2.2 date 2004.05.21.16.06.04; author thl; state Exp; branches; next ; 1.3.4.1 date 2003.12.04.15.42.41; author thl; state Exp; branches; next ; desc @@ 1.27 log @upgrading package: rsync 3.0.4 -> 3.0.5 @ text @Index: Makefile.in --- Makefile.in.orig 2008-11-16 00:32:02 +0100 +++ Makefile.in 2008-12-29 09:06:40 +0100 @@@@ -13,6 +13,7 @@@@ CPPFLAGS=@@CPPFLAGS@@ EXEEXT=@@EXEEXT@@ LDFLAGS=@@LDFLAGS@@ +PERL=perl INSTALLCMD=@@INSTALL@@ INSTALLMAN=@@INSTALL@@ @@@@ -175,7 +176,7 @@@@ @@if test -f proto.h; then :; else cp -p $(srcdir)/proto.h .; fi proto.h-tstamp: $(srcdir)/*.c $(srcdir)/lib/compat.c - perl $(srcdir)/mkproto.pl $(srcdir)/*.c $(srcdir)/lib/compat.c + $(PERL) $(srcdir)/mkproto.pl $(srcdir)/*.c $(srcdir)/lib/compat.c man: rsync.1 rsyncd.conf.5 @@if test -f rsync.1; then :; else cp -p $(srcdir)/rsync.1 .; fi Index: compat.c --- compat.c.orig 2008-08-02 16:04:54 +0200 +++ compat.c 2008-12-29 09:06:40 +0100 @@@@ -164,19 +164,21 @@@@ rprintf(FINFO, "(%s) Protocol versions: remote=%d, negotiated=%d\n", am_server? "Server" : "Client", remote_protocol, protocol_version); } - if (remote_protocol < MIN_PROTOCOL_VERSION - || remote_protocol > MAX_PROTOCOL_VERSION) { + if ( ( am_server && (remote_protocol < MIN_CLIENT_PROTOCOL_VERSION || remote_protocol > MAX_CLIENT_PROTOCOL_VERSION)) + || (!am_server && (remote_protocol < MIN_SERVER_PROTOCOL_VERSION || remote_protocol > MAX_SERVER_PROTOCOL_VERSION))) { rprintf(FERROR,"protocol version mismatch -- is your shell clean?\n"); rprintf(FERROR,"(see the rsync man page for an explanation)\n"); exit_cleanup(RERR_PROTOCOL); } - if (remote_protocol < OLD_PROTOCOL_VERSION) { - rprintf(FINFO,"%s is very old version of rsync, upgrade recommended.\n", - am_server? "Client" : "Server"); + if ( ( am_server && remote_protocol < OLD_CLIENT_PROTOCOL_VERSION) + || (!am_server && remote_protocol < OLD_SERVER_PROTOCOL_VERSION)) { + rprintf(FINFO,"%s is very old version (protocol %d) of rsync, upgrade recommended.\n", + am_server? "Client" : "Server", remote_protocol); } - if (protocol_version < MIN_PROTOCOL_VERSION) { + if ( ( am_server && protocol_version < MIN_SERVER_PROTOCOL_VERSION) + || (!am_server && protocol_version < MIN_CLIENT_PROTOCOL_VERSION)) { rprintf(FERROR, "--protocol must be at least %d on the %s.\n", - MIN_PROTOCOL_VERSION, am_server? "Server" : "Client"); + am_server ? MIN_SERVER_PROTOCOL_VERSION : MIN_CLIENT_PROTOCOL_VERSION, am_server? "Server" : "Client"); exit_cleanup(RERR_PROTOCOL); } if (protocol_version > PROTOCOL_VERSION) { Index: rsync.h --- rsync.h.orig 2008-09-27 06:21:52 +0200 +++ rsync.h 2008-12-29 09:06:40 +0100 @@@@ -114,9 +114,12 @@@@ * unlikely to begin by sending a byte between MIN_PROTOCL_VERSION and * MAX_PROTOCOL_VERSION. */ -#define MIN_PROTOCOL_VERSION 20 -#define OLD_PROTOCOL_VERSION 25 -#define MAX_PROTOCOL_VERSION 40 +#define MIN_SERVER_PROTOCOL_VERSION 20 +#define OLD_SERVER_PROTOCOL_VERSION 25 +#define MAX_SERVER_PROTOCOL_VERSION 40 +#define MIN_CLIENT_PROTOCOL_VERSION 25 +#define OLD_CLIENT_PROTOCOL_VERSION 27 +#define MAX_CLIENT_PROTOCOL_VERSION 40 #define FILECNT_LOOKAHEAD 1000 @ 1.26 log @use miniperl instead of requireing perl (which is not allowed as rsync is CORE); add with_iconv option for the --iconv functionality @ text @d2 2 a3 2 --- Makefile.in.orig 2008-02-13 02:29:09 +0100 +++ Makefile.in 2008-03-12 17:12:05 +0100 d12 2 a13 2 @@@@ -147,7 +148,7 @@@@ @@echo ' ' >/dev/null d20 1 a20 1 d22 3 a24 3 --- compat.c.orig 2008-03-01 21:01:41 +0100 +++ compat.c 2008-03-12 17:10:21 +0100 @@@@ -161,19 +161,21 @@@@ d54 3 a56 3 --- rsync.h.orig 2008-03-01 21:12:04 +0100 +++ rsync.h 2008-03-12 17:10:21 +0100 @@@@ -113,9 +113,12 @@@@ @ 1.25 log @upgrading package: rsync 2.6.9 -> 3.0.0 @ text @d1 20 d22 3 a24 3 --- compat.c.orig 2006-04-26 01:51:12 +0200 +++ compat.c 2006-11-08 09:09:06 +0100 @@@@ -54,19 +54,21 @@@@ d54 3 a56 3 --- rsync.h.orig 2006-10-24 05:31:30 +0200 +++ rsync.h 2006-11-08 09:09:06 +0100 @@@@ -86,9 +86,12 @@@@ d70 1 a70 1 #define RSYNC_PORT 873 @ 1.24 log @security fix regarding CVE-2007-4091 @ text @a51 67 ________________________________________________________________________ Security fix regarding CVE-2007-4091 o http://secunia.com/cve_reference/CVE-2007-4091/ o http://www.suse.de/%7Ekrahmer/rsync-2.6.9-fname-obo.diff Index: sender.c --- sender.c.orig 2006-09-20 03:53:32.000000000 +0200 +++ sender.c 2007-07-25 15:33:05.000000000 +0200 @@@@ -123,6 +123,7 @@@@ char fname[MAXPATHLEN]; struct file_struct *file; unsigned int offset; + size_t l = 0; if (ndx < 0 || ndx >= the_file_list->count) return; @@@@ -133,6 +134,20 @@@@ file->dir.root, "/", NULL); } else offset = 0; + + l = offset + 1; + if (file) { + if (file->dirname) + l += strlen(file->dirname); + if (file->basename) + l += strlen(file->basename); + } + + if (l >= sizeof(fname)) { + rprintf(FERROR, "Overlong pathname\n"); + exit_cleanup(RERR_FILESELECT); + } + f_name(file, fname + offset); if (remove_source_files) { if (do_unlink(fname) == 0) { @@@@ -224,6 +239,7 @@@@ enum logcode log_code = log_before_transfer ? FLOG : FINFO; int f_xfer = write_batch < 0 ? batch_fd : f_out; int i, j; + size_t l = 0; if (verbose > 2) rprintf(FINFO, "send_files starting\n"); @@@@ -259,6 +275,20 @@@@ fname[offset++] = '/'; } else offset = 0; + + l = offset + 1; + if (file) { + if (file->dirname) + l += strlen(file->dirname); + if (file->basename) + l += strlen(file->basename); + } + + if (l >= sizeof(fname)) { + rprintf(FERROR, "Overlong pathname\n"); + exit_cleanup(RERR_FILESELECT); + } + fname2 = f_name(file, fname + offset); if (verbose > 2) @ 1.23 log @upgrading package: rsync 2.6.8 -> 2.6.9 @ text @d52 67 @ 1.22 log @add vendor patch to fix 'unexpected tag 3' errors. @ text @d2 3 a4 3 --- compat.c.orig 2006-02-24 17:43:44 +0100 +++ compat.c 2006-04-22 20:30:39 +0200 @@@@ -57,19 +57,21 @@@@ d34 3 a36 3 --- rsync.h.orig 2006-04-13 18:53:15 +0200 +++ rsync.h 2006-04-22 20:30:39 +0200 @@@@ -85,9 +85,12 @@@@ a51 91 ----------------------------------------------------------------------------- Vendor patch to fix 'unexpected tag 3' errors. http://lists.samba.org/archive/rsync/2006-May/015607.html Index: io.c --- io.c.orig 2006-04-21 18:40:19 +0200 +++ io.c 2006-05-30 20:30:09 +0200 @@@@ -273,10 +273,7 @@@@ exit_cleanup(RERR_STREAMIO); } read_loop(fd, buf, len); - if (defer_forwarding_messages) - msg_list_add(&msg2sndr, MSG_DELETED, buf, len); - else - io_multiplex_write(MSG_DELETED, buf, len); + send_msg(MSG_DELETED, buf, len); break; case MSG_SUCCESS: if (len != 4 || !am_generator) { @@@@ -286,10 +283,7 @@@@ read_loop(fd, buf, len); if (remove_sent_files) { decrement_active_files(IVAL(buf,0)); - if (defer_forwarding_messages) - msg_list_add(&msg2sndr, MSG_SUCCESS, buf, len); - else - io_multiplex_write(MSG_SUCCESS, buf, len); + send_msg(MSG_SUCCESS, buf, len); } if (preserve_hard_links) flist_ndx_push(&hlink_list, IVAL(buf,0)); @@@@ -309,10 +303,7 @@@@ if (n >= sizeof buf) n = sizeof buf - 1; read_loop(fd, buf, n); - if (am_generator && am_server && defer_forwarding_messages) - msg_list_add(&msg2sndr, tag, buf, n); - else - rwrite((enum logcode)tag, buf, n); + rwrite(tag, buf, n); len -= n; } break; @@@@ -386,14 +377,19 @@@@ return 1; } -void send_msg(enum msgcode code, char *buf, int len) +int send_msg(enum msgcode code, char *buf, int len) { if (msg_fd_out < 0) { - io_multiplex_write(code, buf, len); - return; + if (!defer_forwarding_messages) + return io_multiplex_write(code, buf, len); + if (!io_multiplexing_out) + return 0; + msg_list_add(&msg2sndr, code, buf, len); + return 1; } msg_list_add(&msg2genr, code, buf, len); msg2genr_flush(NORMAL_FLUSH); + return 1; } int get_redo_num(int itemizing, enum logcode code) Index: log.c --- log.c.orig 2006-04-08 18:04:34 +0200 +++ log.c 2006-05-30 20:30:09 +0200 @@@@ -264,7 +264,7 @@@@ if (am_server) { /* Pass the message to the non-server side. */ - if (io_multiplex_write((enum msgcode)code, buf, len)) + if (send_msg(code, buf, len)) return; if (am_daemon) { /* TODO: can we send the error to the user somehow? */ Index: proto.h --- proto.h.orig 2006-04-22 17:38:34 +0200 +++ proto.h 2006-05-30 20:30:09 +0200 @@@@ -104,7 +104,7 @@@@ void set_msg_fd_out(int fd); void increment_active_files(int ndx, int itemizing, enum logcode code); void decrement_active_files(int ndx); -void send_msg(enum msgcode code, char *buf, int len); +int send_msg(enum msgcode code, char *buf, int len); int get_redo_num(int itemizing, enum logcode code); int get_hlink_num(void); void io_set_filesfrom_fds(int f_in, int f_out); @ 1.22.2.1 log @MFC: make up leeway for 2_STABLE by virtue of build-time results @ text @d2 3 a4 3 --- compat.c.orig 2006-04-26 01:51:12 +0200 +++ compat.c 2006-11-08 09:09:06 +0100 @@@@ -54,19 +54,21 @@@@ d34 3 a36 3 --- rsync.h.orig 2006-10-24 05:31:30 +0200 +++ rsync.h 2006-11-08 09:09:06 +0100 @@@@ -86,9 +86,12 @@@@ d52 91 @ 1.21 log @upgrading package: rsync 2.6.7 -> 2.6.8 @ text @d52 91 @ 1.20 log @apply a patch from the vendor mailing lists (via FreeBSD ports) @ text @a0 21 Index: clientserver.c --- clientserver.c.orig 2006-02-24 02:56:26 +0100 +++ clientserver.c 2006-04-04 09:29:20 +0200 @@@@ -733,8 +733,6 @@@@ char *host = client_name(f_in); int i; - rprintf(FLOG, "connect from %s (%s)\n", host, addr); - io_set_sock_fds(f_in, f_out); if (!lp_load(config_file, 0)) @@@@ -742,6 +740,8 @@@@ log_init(); + rprintf(FLOG, "connect from %s (%s)\n", host, addr); + if (!am_server) { set_socket_options(f_in, "SO_KEEPALIVE"); if (sockopts) d3 1 a3 1 +++ compat.c 2006-04-04 09:29:20 +0200 d34 2 a35 2 --- rsync.h.orig 2006-02-27 22:11:56 +0100 +++ rsync.h 2006-04-04 09:29:20 +0200 @ 1.19 log @upgrading package: rsync 2.6.6 -> 2.6.7 @ text @d1 21 d24 1 a24 1 +++ compat.c 2006-03-12 10:05:18 +0100 d56 1 a56 1 +++ rsync.h 2006-03-12 10:05:18 +0100 @ 1.18 log @upgrading package: rsync 2.6.5 -> 2.6.6 @ text @d2 2 a3 2 --- compat.c.orig 2005-03-09 19:53:55 +0100 +++ compat.c 2005-03-31 17:41:51 +0200 d34 2 a35 2 --- rsync.h.orig 2005-03-28 19:08:47 +0200 +++ rsync.h 2005-03-31 17:28:54 +0200 @ 1.17 log @upgrading package: rsync 2.6.3 -> 2.6.5 @ text @a51 22 Index: zlib/infcodes.c --- zlib/infcodes.c.orig 2002-03-12 02:14:58 +0100 +++ zlib/infcodes.c 2005-03-31 17:28:54 +0200 @@@@ -197,8 +197,18 @@@@ c->mode = COPY; case COPY: /* o: copying bytes in window, waiting for space */ f = q - c->sub.copy.dist; +#ifdef __FreeBSD__ + { + /* Work-around for a FreeBSD gcc bug. */ + volatile inflate_blocks_statef *s1 = s; + + while (f < s1->window) /* modulo window size-"while" instead */ + f += s1->end - s1->window; /* of "if" handles invalid distances */ + } +#else while (f < s->window) /* modulo window size-"while" instead */ f += s->end - s->window; /* of "if" handles invalid distances */ +#endif while (c->len) { NEEDOUT @ 1.16 log @second attempt for the protocol workaround: distinguish between client and server protocol versions and this way only refuse to play with too old clients on the server side but still allow the client to connect to ancient servers @ text @a0 87 Index: popt/popt.c --- popt/popt.c.orig 2004-06-09 23:41:21 +0200 +++ popt/popt.c 2005-01-02 17:09:28 +0100 @@@@ -1128,7 +1128,7 @@@@ /*@@=nullderef@@*/ } -const char *const poptStrerror(const int error) +const char *poptStrerror(const int error) { switch (error) { case POPT_ERROR_NOARG: Index: popt/popt.h --- popt/popt.h.orig 2004-01-27 17:27:05 +0100 +++ popt/popt.h 2005-01-02 17:09:01 +0100 @@@@ -373,7 +373,7 @@@@ * @@return error string */ /*@@-redecl@@*/ -/*@@observer@@*/ const char *const poptStrerror(const int error) +/*@@observer@@*/ const char *poptStrerror(const int error) /*@@*/; /*@@=redecl@@*/ Index: receiver.c --- receiver.c.orig 2004-09-21 11:24:06 +0200 +++ receiver.c 2005-01-02 17:07:40 +0100 @@@@ -116,7 +116,7 @@@@ rprintf(FINFO, "deleting in %s\n", safe_fname(fbuf)); for (i = local_file_list->count-1; i >= 0; i--) { - if (max_delete && deletion_count > max_delete) + if (max_delete && deletion_count >= max_delete) break; if (!local_file_list->files[i]->basename) continue; Index: zlib/infcodes.c --- zlib/infcodes.c.orig 2002-03-12 02:14:58 +0100 +++ zlib/infcodes.c 2005-01-02 17:07:40 +0100 @@@@ -197,8 +197,18 @@@@ c->mode = COPY; case COPY: /* o: copying bytes in window, waiting for space */ f = q - c->sub.copy.dist; +#ifdef __FreeBSD__ + { + /* Work-around for a FreeBSD gcc bug. */ + volatile inflate_blocks_statef *s1 = s; + + while (f < s1->window) /* modulo window size-"while" instead */ + f += s1->end - s1->window; /* of "if" handles invalid distances */ + } +#else while (f < s->window) /* modulo window size-"while" instead */ f += s->end - s->window; /* of "if" handles invalid distances */ +#endif while (c->len) { NEEDOUT Index: options.c --- options.c.orig 2004-09-23 19:39:05 +0200 +++ options.c 2005-01-02 17:30:40 +0100 @@@@ -769,6 +769,12 @@@@ } } + if (bwlimit) { + bwlimit_writemax = (size_t)bwlimit * 128; + if (bwlimit_writemax < 512) + bwlimit_writemax = 512; + } + if (daemon_opt) { daemon_opt = 0; am_daemon = 1; @@@@ -807,12 +813,6 @@@@ if (do_progress && !verbose) verbose = 1; - if (bwlimit) { - bwlimit_writemax = (size_t)bwlimit * 128; - if (bwlimit_writemax < 512) - bwlimit_writemax = 512; - } - if (inplace) { #if HAVE_FTRUNCATE if (partial_dir) { d2 3 a4 3 --- compat.c.orig 2004-07-22 01:59:22 +0200 +++ compat.c 2005-03-04 11:57:39 +0100 @@@@ -53,19 +53,22 @@@@ d12 1 a12 1 rprintf(FERROR,"protocol version mismatch - is your shell clean?\n"); a18 2 - } - if (protocol_version < MIN_PROTOCOL_VERSION) { d23 2 a24 1 + } d26 1 a26 2 + || (!am_server && protocol_version < MIN_CLIENT_PROTOCOL_VERSION) + ) { d34 3 a36 3 --- rsync.h.orig 2004-09-22 06:10:10 +0200 +++ rsync.h 2005-03-04 12:01:01 +0100 @@@@ -81,9 +81,12 @@@@ d52 22 @ 1.15 log @apply acceptable workaround in the year 2005 with rsync 2.6.3 (protocol 28): do no longer accept antiqued protocols versions less than 25 (from before rsync 2.5.x in 2001) because clients using some of those protocols hang the assigned rsync server process forever @ text @d90 11 a100 2 +++ compat.c 2005-03-04 11:02:28 +0100 @@@@ -60,8 +60,8 @@@@ d103 1 a103 1 if (remote_protocol < OLD_PROTOCOL_VERSION) { d106 4 d112 8 d121 1 a121 2 if (protocol_version < MIN_PROTOCOL_VERSION) { rprintf(FERROR, "--protocol must be at least %d on the %s.\n", d124 2 a125 2 +++ rsync.h 2005-03-04 11:00:58 +0100 @@@@ -81,8 +81,13 @@@@ d129 9 a137 8 +#ifdef RSYNC_ANTIQUED_PROTOCOLS #define MIN_PROTOCOL_VERSION 20 #define OLD_PROTOCOL_VERSION 25 +#else +#define MIN_PROTOCOL_VERSION 25 +#define OLD_PROTOCOL_VERSION 27 +#endif #define MAX_PROTOCOL_VERSION 40 d140 1 @ 1.14 log @apply --bwlimit fix for daemon mode (taken over from Debian) @ text @d88 31 @ 1.13 log @fix a few compilation warnings @ text @d59 29 @ 1.12 log @apply --max-delete=N patch from the FreeBSD port and apply the shipped mkfifo patch for the *BSD systems to get correct socket and fifo synchronization @ text @d1 36 d39 1 a39 1 +++ zlib/infcodes.c 2004-10-01 08:58:40 +0200 a58 12 Index: receiver.c --- receiver.c.orig 2004-09-21 11:24:06 +0200 +++ receiver.c 2005-01-02 13:11:02 +0100 @@@@ -116,7 +116,7 @@@@ rprintf(FINFO, "deleting in %s\n", safe_fname(fbuf)); for (i = local_file_list->count-1; i >= 0; i--) { - if (max_delete && deletion_count > max_delete) + if (max_delete && deletion_count >= max_delete) break; if (!local_file_list->files[i]->basename) continue; @ 1.11 log @upgrading package: rsync 2.6.2 -> 2.6.3 @ text @d23 12 @ 1.10 log @apply security fix @ text @d2 2 a3 2 --- zlib/infcodes.c.orig 2002-03-12 02:14:58.000000000 +0100 +++ zlib/infcodes.c 2004-04-29 17:21:36.000000000 +0200 a22 47 Index: flist.c --- flist.c.orig 2004-04-29 21:37:15.000000000 +0200 +++ flist.c 2004-05-03 16:11:52.000000000 +0200 @@@@ -539,6 +539,7 @@@@ rdev_major = 0; uid = 0, gid = 0; *lastname = '\0'; + lastdir_len = -1; return; } @@@@ -745,7 +746,7 @@@@ char *basename, *dirname, *bp; unsigned short flags = 0; - if (!flist) /* lastdir isn't valid if flist is NULL */ + if (!flist || !flist->count) /* lastdir isn't valid if flist is NULL */ lastdir_len = -1; if (strlcpy(thisname, fname, sizeof thisname) ============================================================================= Security Fix: There is a path-sanitizing bug that affects daemon mode in all recent rsync versions (including 2.6.2) but only if chroot is disabled. It does NOT affect the normal send/receive filenames that specify what files should be transferred (this is because these names happen to get sanitized twice, and thus the second call removes any lingering leading slash(es) that the first call left behind). It does affect certain option paths that cause auxilliary files to be read or written. One potential fix that doesn't require recompiling rsync is to set "use chroot = true" for all the modules in the rsyncd.conf file. Index: util.c --- util.c.orig 2004-04-27 21:59:37 +0200 +++ util.c 2004-08-15 11:45:47 +0200 @@@@ -743,7 +743,7 @@@@ allowdotdot = 1; } else { p += 2; - if (*p == '/') + while (*p == '/') p++; if (sanp != start) { /* back up sanp one level */ @ 1.9 log @Fix --delete SEGV See also: http://lists.samba.org/archive/rsync/2004-May/009380.html @ text @d43 27 @ 1.9.2.1 log @MFC: apply security fix @ text @a42 27 ============================================================================= Security Fix: There is a path-sanitizing bug that affects daemon mode in all recent rsync versions (including 2.6.2) but only if chroot is disabled. It does NOT affect the normal send/receive filenames that specify what files should be transferred (this is because these names happen to get sanitized twice, and thus the second call removes any lingering leading slash(es) that the first call left behind). It does affect certain option paths that cause auxilliary files to be read or written. One potential fix that doesn't require recompiling rsync is to set "use chroot = true" for all the modules in the rsyncd.conf file. Index: util.c --- util.c.orig 2004-04-27 21:59:37 +0200 +++ util.c 2004-08-15 11:45:47 +0200 @@@@ -743,7 +743,7 @@@@ allowdotdot = 1; } else { p += 2; - if (*p == '/') + while (*p == '/') p++; if (sanp != start) { /* back up sanp one level */ @ 1.8 log @upgrading package: rsync 2.6.1 -> 2.6.2 @ text @d23 20 @ 1.7 log @include one more patch from the vendor @ text @a0 21 Index: uidlist.c --- uidlist.c.orig 2004-02-20 18:09:30.000000000 +0100 +++ uidlist.c 2004-04-29 17:22:32.000000000 +0200 @@@@ -81,7 +81,7 @@@@ static int map_uid(int id, char *name) { uid_t uid; - if (uid != 0 && name_to_uid(name, &uid)) + if (id != 0 && name_to_uid(name, &uid)) return uid; return id; } @@@@ -89,7 +89,7 @@@@ static int map_gid(int id, char *name) { gid_t gid; - if (gid != 0 && name_to_gid(name, &gid)) + if (id != 0 && name_to_gid(name, &gid)) return gid; return id; } a22 21 Index: flist.c --- flist.c 27 Apr 2004 01:36:10 -0000 1.217 +++ flist.c 29 Apr 2004 19:37:15 -0000 1.218 @@@@ -1517,11 +1517,17 @@@@ int f_name_cmp(struct file_struct *f1, s if (!(c1 = (uchar*)f1->dirname)) { state1 = fnc_BASE; c1 = (uchar*)f1->basename; + } else if (!*c1) { + state1 = fnc_SLASH; + c1 = (uchar*)"/"; } else state1 = fnc_DIR; if (!(c2 = (uchar*)f2->dirname)) { state2 = fnc_BASE; c2 = (uchar*)f2->basename; + } else if (!*c2) { + state2 = fnc_SLASH; + c2 = (uchar*)"/"; } else state2 = fnc_DIR; @ 1.6 log @replace rsh/ssh hack with new --with-rsh option and add a bugfix from the rsync mailing list (see http://lists.samba.org/archive/rsync/2004-April/009334.html) @ text @d44 21 @ 1.5 log @upgrading package: rsync 2.5.7 -> 2.6.0 @ text @d1 21 a21 35 Index: main.c --- main.c.orig 2003-12-20 17:57:24.000000000 +0100 +++ main.c 2004-01-01 20:12:53.000000000 +0100 @@@@ -209,7 +209,7 @@@@ if (!cmd) cmd = rsh_env; if (!cmd) - cmd = RSYNC_RSH; + cmd = RSYNC_SSH; cmd = strdup(cmd); if (!cmd) goto oom; Index: options.c --- options.c.orig 2003-12-30 19:16:25.000000000 +0100 +++ options.c 2004-01-01 20:14:14.000000000 +0100 @@@@ -238,7 +238,7 @@@@ rprintf(F," --no-whole-file turn off --whole-file\n"); rprintf(F," -x, --one-file-system don't cross filesystem boundaries\n"); rprintf(F," -B, --block-size=SIZE checksum blocking size (default %d)\n",BLOCK_SIZE); - rprintf(F," -e, --rsh=COMMAND specify the remote shell\n"); + rprintf(F," -e, --rsh=COMMAND specify rsh replacement (default %s)\n", RSYNC_SSH); rprintf(F," --rsync-path=PATH specify path to rsync on the remote machine\n"); rprintf(F," --existing only update files that already exist\n"); rprintf(F," --ignore-existing ignore files that already exist on receiving side\n"); Index: rsync.h --- rsync.h.orig 2003-12-17 00:04:59.000000000 +0100 +++ rsync.h 2004-01-01 20:12:53.000000000 +0100 @@@@ -121,6 +121,7 @@@@ #ifdef HAVE_SYS_PARAM_H #include #endif +#define RSYNC_SSH "ssh" #ifdef HAVE_STDLIB_H #include d24 1 a24 1 +++ zlib/infcodes.c 2004-01-01 20:12:53.000000000 +0100 @ 1.5.2.1 log @SA-2004.025-rsync; CAN-2004-0426 @ text @a57 100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0426 rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path. Index: options.c --- options.c.260 2003-12-30 19:16:25.000000000 +0100 +++ options.c 2004-05-21 14:23:31.000000000 +0200 @@@@ -21,6 +21,8 @@@@ #include "rsync.h" #include "popt.h" +extern int sanitize_paths; +extern char curr_dir[MAXPATHLEN]; extern struct exclude_struct **exclude_list; int make_backups = 0; @@@@ -460,6 +462,7 @@@@ { int opt; char *ref = lp_refuse_options(module_id); + char *arg; poptContext pc; /* TODO: Call poptReadDefaultConfig; handle errors. */ @@@@ -507,14 +507,20 @@@@ add_exclude(&exclude_list, poptGetOptArg(pc), ADD_INCLUDE); - case OPT_EXCLUDE_FROM: - add_exclude_file(&exclude_list, poptGetOptArg(pc), - MISSING_FATAL, ADD_EXCLUDE); + case OPT_EXCLUDE_FROM: + arg = (char *)poptGetOptArg(pc); + if (sanitize_paths) + sanitize_path(arg, curr_dir); + add_exclude_file(&exclude_list, arg, + MISSING_FATAL, ADD_EXCLUDE); break; - case OPT_INCLUDE_FROM: - add_exclude_file(&exclude_list, poptGetOptArg(pc), - MISSING_FATAL, ADD_INCLUDE); + case OPT_INCLUDE_FROM: + arg = (char *)poptGetOptArg(pc); + if (sanitize_paths) + sanitize_path(arg, curr_dir); + add_exclude_file(&exclude_list, arg, + MISSING_FATAL, ADD_INCLUDE); break; case 'h': @@@@ -625,6 +634,23 @@@@ if (relative_paths < 0) relative_paths = files_from? 1 : 0; + *argv = poptGetArgs(pc); + if (*argv) + *argc = count_args(*argv); + else + *argc = 0; + + if (sanitize_paths) { + if (tmpdir) + sanitize_path(tmpdir, curr_dir); + if (compare_dest) + sanitize_path(compare_dest, curr_dir); + if (backup_dir) + sanitize_path(backup_dir, curr_dir); + if (files_from) + sanitize_path(files_from, curr_dir); + } + if (!backup_suffix) backup_suffix = backup_dir? "" : BACKUP_SUFFIX; backup_suffix_len = strlen(backup_suffix); @@@@ -644,12 +679,6 @@@@ if (do_progress && !verbose) verbose = 1; - *argv = poptGetArgs(pc); - if (*argv) - *argc = count_args(*argv); - else - *argc = 0; - if (files_from) { char *colon; if (*argc != 2) { @@@@ -672,9 +701,6 @@@@ exit_cleanup(RERR_SYNTAX); } } else { - extern int sanitize_paths; - if (sanitize_paths) - sanitize_path(strdup(files_from), NULL); filesfrom_fd = open(files_from, O_RDONLY|O_BINARY); if (filesfrom_fd < 0) { rsyserr(FERROR, errno, @ 1.5.2.2 log @MFC: apply security fix @ text @a58 2 ============================================================================= a157 28 ============================================================================= Security Fix: There is a path-sanitizing bug that affects daemon mode in all recent rsync versions (including 2.6.2) but only if chroot is disabled. It does NOT affect the normal send/receive filenames that specify what files should be transferred (this is because these names happen to get sanitized twice, and thus the second call removes any lingering leading slash(es) that the first call left behind). It does affect certain option paths that cause auxilliary files to be read or written. One potential fix that doesn't require recompiling rsync is to set "use chroot = true" for all the modules in the rsyncd.conf file. Index: util.c --- util.c.orig 2004-04-27 21:59:37 +0200 +++ util.c 2004-08-15 11:45:47 +0200 @@@@ -743,7 +743,7 @@@@ allowdotdot = 1; } else { p += 2; - if (*p == '/') + while (*p == '/') p++; if (sanp != start) { /* back up sanp one level */ @ 1.4 log @upgrading package: rsync 2.5.5 -> 2.5.6 @ text @d1 4 a4 3 --- main.c Tue Jan 28 06:05:53 2003 +++ main.c Tue Jan 28 10:00:40 2003 @@@@ -208,7 +208,7 @@@@ d6 1 a6 1 cmd = getenv(RSYNC_RSH_ENV); d11 1 a11 1 if (!cmd) d13 4 a16 3 --- options.c Tue Jan 28 04:11:57 2003 +++ options.c Tue Jan 28 10:01:13 2003 @@@@ -230,7 +230,7 @@@@ d19 1 a19 1 rprintf(F," -B, --block-size=SIZE checksum blocking size (default %d)\n",BLOCK_SIZE); a22 1 rprintf(F," -C, --cvs-exclude auto ignore files in the same way CVS does\n"); d24 5 a28 3 --- rsync.h Sun Jan 26 21:11:16 2003 +++ rsync.h Tue Jan 28 10:00:40 2003 @@@@ -101,6 +101,7 @@@@ d36 3 a38 22 @@@@ -114,7 +115,7 @@@@ #include #endif -#ifdef HAVE_MALLOC_H +#if defined(HAVE_MALLINFO) && defined(HAVE_MALLOC_H) #include #endif @@@@ -182,10 +183,6 @@@@ #ifdef HAVE_GLOB_H #include -#endif - -#ifdef HAVE_MALLOC_H -# include #endif /* these are needed for the uid/gid mapping code */ --- zlib/infcodes.c Tue Mar 12 02:14:58 2002 +++ zlib/infcodes.c Tue Jan 28 10:00:40 2003 @ 1.3 log @ok, finally follow FreeBSD and make SSH the default transport for rsync @ text @d1 54 a54 2 --- zlib/infcodes.c.orig Tue Mar 12 02:14:58 2002 +++ zlib/infcodes.c Sun Apr 21 21:19:46 2002 a73 40 --- rsync.h.orig Mon Mar 25 08:29:43 2002 +++ rsync.h Tue Apr 23 13:49:06 2002 @@@@ -113,7 +113,7 @@@@ #include #endif -#ifdef HAVE_MALLOC_H +#if defined(HAVE_MALLINFO) && defined(HAVE_MALLOC_H) #include #endif @@@@ -181,10 +181,6 @@@@ #ifdef HAVE_GLOB_H #include -#endif - -#ifdef HAVE_MALLOC_H -# include #endif /* these are needed for the uid/gid mapping code */ --- main.c.orig Tue Sep 5 19:46:43 2000 +++ main.c Sat Apr 7 23:32:25 2001 @@@@ -134 +134 @@@@ - cmd = RSYNC_RSH; + cmd = RSYNC_SSH; --- options.c.orig Thu Mar 8 03:31:32 2001 +++ options.c Thu Mar 8 03:31:32 2001 @@@@ -141 +141 @@@@ - rprintf(F," -e, --rsh=COMMAND specify rsh replacement\n"); + rprintf(F," -e, --rsh=COMMAND specify rsh replacement (default %s)\n", RSYNC_SSH); --- rsync.h.orig Sat Aug 19 06:10:39 2000 +++ rsync.h Sat Apr 7 23:31:00 2001 @@@@ -75,4 +75,5 @@@@ #define RSYNC_RSH "rsh" #endif +#define RSYNC_SSH "ssh" #include @ 1.3.4.1 log @SA-2003.051-rsync; CAN-2003-0962 @ text @a61 508 diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/batch.c rsync-2.5.7/batch.c --- batch.c.orig 2002-12-24 18:42:04.000000000 +1100 +++ batch.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -185,15 +185,14 @@@@ struct file_list *create_flist_from_batc fdb_open = 1; fdb_close = 0; - batch_flist = (struct file_list *) malloc(sizeof(batch_flist[0])); + batch_flist = new(struct file_list); if (!batch_flist) { out_of_memory("create_flist_from_batch"); } batch_flist->count = 0; batch_flist->malloced = 1000; - batch_flist->files = - (struct file_struct **) malloc(sizeof(batch_flist->files[0]) * - batch_flist->malloced); + batch_flist->files = new_array(struct file_struct *, + batch_flist->malloced); if (!batch_flist->files) { out_of_memory("create_flist_from_batch"); } @@@@ -207,14 +206,10 @@@@ struct file_list *create_flist_from_batc batch_flist->malloced += 1000; else batch_flist->malloced *= 2; - batch_flist->files = - (struct file_struct **) realloc(batch_flist-> - files, - sizeof - (batch_flist-> - files[0]) * - batch_flist-> - malloced); + batch_flist->files + = realloc_array(batch_flist->files, + struct file_struct *, + batch_flist->malloced); if (!batch_flist->files) out_of_memory("create_flist_from_batch"); } @@@@ -282,7 +277,7 @@@@ void read_batch_flist_info(struct file_s char buff[256]; struct file_struct *file; - file = (struct file_struct *) malloc(sizeof(*file)); + file = new(struct file_struct); if (!file) out_of_memory("read_batch_flist_info"); memset((char *) file, 0, sizeof(*file)); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/checksum.c rsync-2.5.7/checksum.c --- checksum.c.orig 2002-04-08 18:29:04.000000000 +1000 +++ checksum.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -58,7 +58,7 @@@@ void get_checksum2(char *buf,int len,cha if (len > len1) { if (buf1) free(buf1); - buf1 = (char *)malloc(len+4); + buf1 = new_array(char, len+4); len1 = len; if (!buf1) out_of_memory("get_checksum2"); } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/exclude.c rsync-2.5.7/exclude.c --- exclude.c.orig 2003-01-27 07:10:23.000000000 +1100 +++ exclude.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -36,7 +36,7 @@@@ static struct exclude_struct *make_exclu { struct exclude_struct *ret; - ret = (struct exclude_struct *)malloc(sizeof(*ret)); + ret = new(struct exclude_struct); if (!ret) out_of_memory("make_exclude"); memset(ret, 0, sizeof(*ret)); @@@@ -197,7 +197,7 @@@@ void add_exclude_list(const char *patter return; } - *list = (struct exclude_struct **)Realloc(*list,sizeof(struct exclude_struct *)*(len+2)); + *list = realloc_array(*list, struct exclude_struct *, len+2); if (!*list || !((*list)[len] = make_exclude(pattern, include))) out_of_memory("add_exclude"); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/fileio.c rsync-2.5.7/fileio.c --- fileio.c.orig 2002-01-26 10:07:34.000000000 +1100 +++ fileio.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -102,7 +102,7 @@@@ int write_file(int f,char *buf,size_t le struct map_struct *map_file(int fd,OFF_T len) { struct map_struct *map; - map = (struct map_struct *)malloc(sizeof(*map)); + map = new(struct map_struct); if (!map) out_of_memory("map_file"); map->fd = fd; @@@@ -156,7 +156,7 @@@@ char *map_ptr(struct map_struct *map,OFF /* make sure we have allocated enough memory for the window */ if (window_size > map->p_size) { - map->p = (char *)Realloc(map->p, window_size); + map->p = realloc_array(map->p, char, window_size); if (!map->p) out_of_memory("map_ptr"); map->p_size = window_size; } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/flist.c rsync-2.5.7/flist.c --- flist.c.orig 2003-01-19 05:00:23.000000000 +1100 +++ flist.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -118,10 +118,10 @@@@ static struct string_area *string_area_n if (size <= 0) size = ARENA_SIZE; - a = malloc(sizeof(*a)); + a = new(struct string_area); if (!a) out_of_memory("string_area_new"); - a->current = a->base = malloc(size); + a->current = a->base = new_array(char, size); if (!a->current) out_of_memory("string_area_new buffer"); a->end = a->base + size; @@@@ -305,7 +305,6 @@@@ static char *flist_dir; static void flist_expand(struct file_list *flist) { if (flist->count >= flist->malloced) { - size_t new_bytes; void *new_ptr; if (flist->malloced < 1000) @@@@ -313,16 +312,18 @@@@ static void flist_expand(struct file_lis else flist->malloced *= 2; - new_bytes = sizeof(flist->files[0]) * flist->malloced; - if (flist->files) - new_ptr = realloc(flist->files, new_bytes); + new_ptr = realloc_array(flist->files, + struct file_struct *, + flist->malloced); else - new_ptr = malloc(new_bytes); + new_ptr = new_array(struct file_struct *, + flist->malloced); if (verbose >= 2) { rprintf(FINFO, "expand file_list to %.0f bytes, did%s move\n", - (double) new_bytes, + (double)sizeof(flist->files[0]) + * flist->malloced, (new_ptr == flist->files) ? " not" : ""); } @@@@ -480,7 +481,7 @@@@ static void receive_file_entry(struct fi else l2 = read_byte(f); - file = (struct file_struct *) malloc(sizeof(*file)); + file = new(struct file_struct); if (!file) out_of_memory("receive_file_entry"); memset((char *) file, 0, sizeof(*file)); @@@@ -547,7 +548,7 @@@@ static void receive_file_entry(struct fi rprintf(FERROR, "overflow: l=%d\n", l); overflow("receive_file_entry"); } - file->link = (char *) malloc(l + 1); + file->link = new_array(char, l + 1); if (!file->link) out_of_memory("receive_file_entry 2"); read_sbuf(f, file->link, l); @@@@ -568,7 +569,7 @@@@ static void receive_file_entry(struct fi #endif if (always_checksum) { - file->sum = (char *) malloc(MD4_SUM_LENGTH); + file->sum = new_array(char, MD4_SUM_LENGTH); if (!file->sum) out_of_memory("md4 sum"); if (remote_version < 21) { @@@@ -703,7 +704,7 @@@@ struct file_struct *make_file(int f, cha if (verbose > 2) rprintf(FINFO, "make_file(%d,%s)\n", f, fname); - file = (struct file_struct *) malloc(sizeof(*file)); + file = new(struct file_struct); if (!file) out_of_memory("make_file"); memset((char *) file, 0, sizeof(*file)); @@@@ -1051,15 +1052,13 @@@@ struct file_list *recv_file_list(int f) start_read = stats.total_read; - flist = (struct file_list *) malloc(sizeof(flist[0])); + flist = new(struct file_list); if (!flist) goto oom; flist->count = 0; flist->malloced = 1000; - flist->files = - (struct file_struct **) malloc(sizeof(flist->files[0]) * - flist->malloced); + flist->files = new_array(struct file_struct *, flist->malloced); if (!flist->files) goto oom; @@@@ -1201,7 +1200,7 @@@@ struct file_list *flist_new(void) { struct file_list *flist; - flist = (struct file_list *) malloc(sizeof(flist[0])); + flist = new(struct file_list); if (!flist) out_of_memory("send_file_list"); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/hlink.c rsync-2.5.7/hlink.c --- hlink.c.orig 2002-03-25 18:07:03.000000000 +1100 +++ hlink.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -57,9 +57,7 @@@@ void init_hard_links(struct file_list *f if (hlink_list) free(hlink_list); - if (!(hlink_list = - (struct file_struct *) malloc(sizeof(hlink_list[0]) * - flist->count))) + if (!(hlink_list = new_array(struct file_struct, flist->count))) out_of_memory("init_hard_links"); for (i = 0; i < flist->count; i++) diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/io.c rsync-2.5.7/io.c --- io.c.orig 2002-04-11 12:11:50.000000000 +1000 +++ io.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -535,7 +535,7 @@@@ void io_start_buffering(int fd) { if (io_buffer) return; multiplex_out_fd = fd; - io_buffer = (char *)malloc(IO_BUFFER_SIZE); + io_buffer = new_array(char, IO_BUFFER_SIZE); if (!io_buffer) out_of_memory("writefd"); io_buffer_count = 0; } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/loadparm.c rsync-2.5.7/loadparm.c --- loadparm.c.orig 2002-08-31 09:27:26.000000000 +1000 +++ loadparm.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -442,10 +442,10 @@@@ static int add_a_service(service *pservi i = iNumServices; - ServicePtrs = (service **)Realloc(ServicePtrs,sizeof(service *)*num_to_alloc); + ServicePtrs = realloc_array(ServicePtrs, service *, num_to_alloc); if (ServicePtrs) - pSERVICE(iNumServices) = (service *)malloc(sizeof(service)); + pSERVICE(iNumServices) = new(service); if (!ServicePtrs || !pSERVICE(iNumServices)) return(-1); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/log.c rsync-2.5.7/log.c --- log.c.orig 2002-12-24 18:42:04.000000000 +1100 +++ log.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -90,10 +90,10 @@@@ static struct err_list *err_list_tail; static void err_list_add(int code, char *buf, int len) { struct err_list *el; - el = (struct err_list *)malloc(sizeof(*el)); + el = new(struct err_list); if (!el) exit_cleanup(RERR_MALLOC); el->next = NULL; - el->buf = malloc(len+4); + el->buf = new_array(char, len+4); if (!el->buf) exit_cleanup(RERR_MALLOC); memcpy(el->buf+4, buf, len); SIVAL(el->buf, 0, ((code+MPLEX_BASE)<<24) | len); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/match.c rsync-2.5.7/match.c --- match.c.orig 2002-04-09 16:11:06.000000000 +1000 +++ match.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -65,9 +65,9 @@@@ static void build_hash_table(struct sum_ int i; if (!tag_table) - tag_table = (int *)malloc(sizeof(tag_table[0])*TABLESIZE); + tag_table = new_array(int, TABLESIZE); - targets = (struct target *)malloc(sizeof(targets[0])*s->count); + targets = new_array(struct target, s->count); if (!tag_table || !targets) out_of_memory("build_hash_table"); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/params.c rsync-2.5.7/params.c --- params.c.orig 2003-01-27 07:07:55.000000000 +1100 +++ params.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -207,7 +207,7 @@@@ static BOOL Section( FILE *InFile, BOOL if( i > (bSize - 2) ) { bSize += BUFR_INC; - bufr = Realloc( bufr, bSize ); + bufr = realloc_array( bufr, char, bSize ); if( NULL == bufr ) { rprintf(FERROR, "%s Memory re-allocation failure.", func); @@@@ -301,7 +301,7 @@@@ static BOOL Parameter( FILE *InFile, BOO if( i > (bSize - 2) ) /* Ensure there's space for next char. */ { bSize += BUFR_INC; - bufr = Realloc( bufr, bSize ); + bufr = realloc_array( bufr, char, bSize ); if( NULL == bufr ) { rprintf(FERROR, "%s Memory re-allocation failure.", func) ; @@@@ -366,7 +366,7 @@@@ static BOOL Parameter( FILE *InFile, BOO if( i > (bSize - 2) ) /* Make sure there's enough room. */ { bSize += BUFR_INC; - bufr = Realloc( bufr, bSize ); + bufr = realloc_array( bufr, char, bSize ); if( NULL == bufr ) { rprintf(FERROR, "%s Memory re-allocation failure.", func) ; @@@@ -530,7 +530,7 @@@@ BOOL pm_process( char *FileName, else /* If we don't have a buffer */ { /* allocate one, then parse, */ bSize = BUFR_INC; /* then free. */ - bufr = (char *)malloc( bSize ); + bufr = new_array( char, bSize ); if( NULL == bufr ) { rprintf(FERROR,"%s memory allocation failure.\n", func); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/proto.h rsync-2.5.7/proto.h --- proto.h.orig 2003-01-27 14:35:09.000000000 +1100 +++ proto.h 2003-12-04 15:23:30.000000000 +1100 @@@@ -254,7 +254,6 @@@@ int name_to_gid(char *name, gid_t *gid); int lock_range(int fd, int offset, int len); void glob_expand(char *base1, char **argv, int *argc, int maxargs); void strlower(char *s); -void *Realloc(void *p, int size); void clean_fname(char *name); void sanitize_path(char *p, char *reldir); char *push_dir(char *dir, int save); @@@@ -265,4 +264,6 @@@@ char *timestring(time_t t); int msleep(int t); int cmp_modtime(time_t file1, time_t file2); int _Insure_trap_error(int a1, int a2, int a3, int a4, int a5, int a6); +void *_new_array(unsigned int size, unsigned long num); +void *_realloc_array(void *ptr, unsigned int size, unsigned long num); int sys_gettimeofday(struct timeval *tv); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/receiver.c rsync-2.5.7/receiver.c --- receiver.c.orig 2003-01-21 10:32:17.000000000 +1100 +++ receiver.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -67,7 +67,8 @@@@ static void add_delete_entry(struct file { if (dlist_len == dlist_alloc_len) { dlist_alloc_len += 1024; - delete_list = (struct delete_list *)Realloc(delete_list, sizeof(delete_list[0])*dlist_alloc_len); + delete_list = realloc_array(delete_list, struct delete_list, + dlist_alloc_len); if (!delete_list) out_of_memory("add_delete_entry"); } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/rsync.c rsync-2.5.7/rsync.c --- rsync.c.orig 2001-12-21 02:33:13.000000000 +1100 +++ rsync.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -124,7 +124,7 @@@@ static int is_in_group(gid_t gid) /* treat failure (-1) as if not member of any group */ ngroups = getgroups(0, 0); if (ngroups > 0) { - gidset = (GETGROUPS_T *) malloc(ngroups * sizeof(GETGROUPS_T)); + gidset = new_array(GETGROUPS_T, ngroups); ngroups = getgroups(ngroups, gidset); } } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/rsync.h rsync-2.5.7/rsync.h --- rsync.h.orig 2003-01-27 07:11:16.000000000 +1100 +++ rsync.h 2003-12-04 15:23:30.000000000 +1100 @@@@ -579,6 +579,10 @@@@ extern int errno; #endif +/* Convenient wrappers for malloc and realloc. Use them. */ +#define new(type) ((type *)malloc(sizeof(type))) +#define new_array(type, num) ((type *)_new_array(sizeof(type), (num))) +#define realloc_array(ptr, type, num) ((type *)_realloc_array((ptr), sizeof(type), (num))) /* use magic gcc attributes to catch format errors */ void rprintf(enum logcode , const char *, ...) diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/sender.c rsync-2.5.7/sender.c --- sender.c.orig 2002-04-09 16:03:50.000000000 +1000 +++ sender.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -46,7 +46,7 @@@@ static struct sum_struct *receive_sums(i int i; OFF_T offset = 0; - s = (struct sum_struct *)malloc(sizeof(*s)); + s = new(struct sum_struct); if (!s) out_of_memory("receive_sums"); s->count = read_int(f); @@@@ -61,7 +61,7 @@@@ static struct sum_struct *receive_sums(i if (s->count == 0) return(s); - s->sums = (struct sum_buf *)malloc(sizeof(s->sums[0])*s->count); + s->sums = new_array(struct sum_buf, s->count); if (!s->sums) out_of_memory("receive_sums"); for (i=0; i < (int) s->count;i++) { diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/token.c rsync-2.5.7/token.c --- token.c.orig 2002-04-08 18:35:30.000000000 +1000 +++ token.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -68,7 +68,7 @@@@ static int simple_recv_token(int f,char int n; if (!buf) { - buf = (char *)malloc(CHUNK_SIZE); + buf = new_array(char, CHUNK_SIZE); if (!buf) out_of_memory("simple_recv_token"); } @@@@ -160,7 +160,7 @@@@ send_deflated_token(int f, int token, rprintf(FERROR, "compression init failed\n"); exit_cleanup(RERR_STREAMIO); } - if ((obuf = malloc(MAX_DATA_COUNT+2)) == NULL) + if ((obuf = new_array(char, MAX_DATA_COUNT+2)) == NULL) out_of_memory("send_deflated_token"); init_done = 1; } else @@@@ -322,8 +322,8 @@@@ recv_deflated_token(int f, char **data) rprintf(FERROR, "inflate init failed\n"); exit_cleanup(RERR_STREAMIO); } - if ((cbuf = malloc(MAX_DATA_COUNT)) == NULL - || (dbuf = malloc(CHUNK_SIZE)) == NULL) + if (!(cbuf = new_array(char, MAX_DATA_COUNT)) + || !(dbuf = new_array(char, CHUNK_SIZE))) out_of_memory("recv_deflated_token"); init_done = 1; } else { diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/uidlist.c rsync-2.5.7/uidlist.c --- uidlist.c.orig 1999-03-02 08:16:50.000000000 +1100 +++ uidlist.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -41,7 +41,7 @@@@ static struct idlist *gidlist; static struct idlist *add_list(int id, char *name) { - struct idlist *list = (struct idlist *)malloc(sizeof(list[0])); + struct idlist *list = new(struct idlist); if (!list) out_of_memory("add_list"); list->next = NULL; list->name = strdup(name); @@@@ -241,7 +241,7 @@@@ void recv_uid_list(int f, struct file_li id = read_int(f); while (id != 0) { int len = read_byte(f); - name = (char *)malloc(len+1); + name = new_array(char, len+1); if (!name) out_of_memory("recv_uid_list"); read_sbuf(f, name, len); if (!list) { @@@@ -264,7 +264,7 @@@@ void recv_uid_list(int f, struct file_li id = read_int(f); while (id != 0) { int len = read_byte(f); - name = (char *)malloc(len+1); + name = new_array(char, len+1); if (!name) out_of_memory("recv_uid_list"); read_sbuf(f, name, len); if (!list) { diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/util.c rsync-2.5.7/util.c --- util.c.orig 2003-01-20 08:37:11.000000000 +1100 +++ util.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -538,13 +538,6 @@@@ void strlower(char *s) } } -void *Realloc(void *p, int size) -{ - if (!p) return (void *)malloc(size); - return (void *)realloc(p, size); -} - - void clean_fname(char *name) { char *p; @@@@ -941,3 +934,23 @@@@ int _Insure_trap_error(int a1, int a2, i return ret; } #endif + + +#define MALLOC_MAX 0x40000000 + +void *_new_array(unsigned int size, unsigned long num) +{ + if (num >= MALLOC_MAX/size) + return NULL; + return malloc(size * num); +} + +void *_realloc_array(void *ptr, unsigned int size, unsigned long num) +{ + if (num >= MALLOC_MAX/size) + return NULL; + /* No realloc should need this, but just in case... */ + if (!ptr) + return malloc(size * num); + return realloc(ptr, size * num); +} @ 1.3.2.1 log @mass Merge-From-CURRENT (MFC) in preparation for OpenPKG 1.3 [class CORE only] @ text @d1 2 a2 54 --- main.c Tue Jan 28 06:05:53 2003 +++ main.c Tue Jan 28 10:00:40 2003 @@@@ -208,7 +208,7 @@@@ if (!cmd) cmd = getenv(RSYNC_RSH_ENV); if (!cmd) - cmd = RSYNC_RSH; + cmd = RSYNC_SSH; cmd = strdup(cmd); if (!cmd) goto oom; --- options.c Tue Jan 28 04:11:57 2003 +++ options.c Tue Jan 28 10:01:13 2003 @@@@ -230,7 +230,7 @@@@ rprintf(F," --no-whole-file turn off --whole-file\n"); rprintf(F," -x, --one-file-system don't cross filesystem boundaries\n"); rprintf(F," -B, --block-size=SIZE checksum blocking size (default %d)\n",BLOCK_SIZE); - rprintf(F," -e, --rsh=COMMAND specify the remote shell\n"); + rprintf(F," -e, --rsh=COMMAND specify rsh replacement (default %s)\n", RSYNC_SSH); rprintf(F," --rsync-path=PATH specify path to rsync on the remote machine\n"); rprintf(F," -C, --cvs-exclude auto ignore files in the same way CVS does\n"); rprintf(F," --existing only update files that already exist\n"); --- rsync.h Sun Jan 26 21:11:16 2003 +++ rsync.h Tue Jan 28 10:00:40 2003 @@@@ -101,6 +101,7 @@@@ #ifdef HAVE_SYS_PARAM_H #include #endif +#define RSYNC_SSH "ssh" #ifdef HAVE_STDLIB_H #include @@@@ -114,7 +115,7 @@@@ #include #endif -#ifdef HAVE_MALLOC_H +#if defined(HAVE_MALLINFO) && defined(HAVE_MALLOC_H) #include #endif @@@@ -182,10 +183,6 @@@@ #ifdef HAVE_GLOB_H #include -#endif - -#ifdef HAVE_MALLOC_H -# include #endif /* these are needed for the uid/gid mapping code */ --- zlib/infcodes.c Tue Mar 12 02:14:58 2002 +++ zlib/infcodes.c Tue Jan 28 10:00:40 2003 d22 40 @ 1.3.2.1.2.1 log @SA-2003.051-rsync; CAN-2003-0962 @ text @a73 508 diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/batch.c rsync-2.5.7/batch.c --- batch.c.orig 2002-12-24 18:42:04.000000000 +1100 +++ batch.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -185,15 +185,14 @@@@ struct file_list *create_flist_from_batc fdb_open = 1; fdb_close = 0; - batch_flist = (struct file_list *) malloc(sizeof(batch_flist[0])); + batch_flist = new(struct file_list); if (!batch_flist) { out_of_memory("create_flist_from_batch"); } batch_flist->count = 0; batch_flist->malloced = 1000; - batch_flist->files = - (struct file_struct **) malloc(sizeof(batch_flist->files[0]) * - batch_flist->malloced); + batch_flist->files = new_array(struct file_struct *, + batch_flist->malloced); if (!batch_flist->files) { out_of_memory("create_flist_from_batch"); } @@@@ -207,14 +206,10 @@@@ struct file_list *create_flist_from_batc batch_flist->malloced += 1000; else batch_flist->malloced *= 2; - batch_flist->files = - (struct file_struct **) realloc(batch_flist-> - files, - sizeof - (batch_flist-> - files[0]) * - batch_flist-> - malloced); + batch_flist->files + = realloc_array(batch_flist->files, + struct file_struct *, + batch_flist->malloced); if (!batch_flist->files) out_of_memory("create_flist_from_batch"); } @@@@ -282,7 +277,7 @@@@ void read_batch_flist_info(struct file_s char buff[256]; struct file_struct *file; - file = (struct file_struct *) malloc(sizeof(*file)); + file = new(struct file_struct); if (!file) out_of_memory("read_batch_flist_info"); memset((char *) file, 0, sizeof(*file)); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/checksum.c rsync-2.5.7/checksum.c --- checksum.c.orig 2002-04-08 18:29:04.000000000 +1000 +++ checksum.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -58,7 +58,7 @@@@ void get_checksum2(char *buf,int len,cha if (len > len1) { if (buf1) free(buf1); - buf1 = (char *)malloc(len+4); + buf1 = new_array(char, len+4); len1 = len; if (!buf1) out_of_memory("get_checksum2"); } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/exclude.c rsync-2.5.7/exclude.c --- exclude.c.orig 2003-01-27 07:10:23.000000000 +1100 +++ exclude.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -36,7 +36,7 @@@@ static struct exclude_struct *make_exclu { struct exclude_struct *ret; - ret = (struct exclude_struct *)malloc(sizeof(*ret)); + ret = new(struct exclude_struct); if (!ret) out_of_memory("make_exclude"); memset(ret, 0, sizeof(*ret)); @@@@ -197,7 +197,7 @@@@ void add_exclude_list(const char *patter return; } - *list = (struct exclude_struct **)Realloc(*list,sizeof(struct exclude_struct *)*(len+2)); + *list = realloc_array(*list, struct exclude_struct *, len+2); if (!*list || !((*list)[len] = make_exclude(pattern, include))) out_of_memory("add_exclude"); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/fileio.c rsync-2.5.7/fileio.c --- fileio.c.orig 2002-01-26 10:07:34.000000000 +1100 +++ fileio.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -102,7 +102,7 @@@@ int write_file(int f,char *buf,size_t le struct map_struct *map_file(int fd,OFF_T len) { struct map_struct *map; - map = (struct map_struct *)malloc(sizeof(*map)); + map = new(struct map_struct); if (!map) out_of_memory("map_file"); map->fd = fd; @@@@ -156,7 +156,7 @@@@ char *map_ptr(struct map_struct *map,OFF /* make sure we have allocated enough memory for the window */ if (window_size > map->p_size) { - map->p = (char *)Realloc(map->p, window_size); + map->p = realloc_array(map->p, char, window_size); if (!map->p) out_of_memory("map_ptr"); map->p_size = window_size; } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/flist.c rsync-2.5.7/flist.c --- flist.c.orig 2003-01-19 05:00:23.000000000 +1100 +++ flist.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -118,10 +118,10 @@@@ static struct string_area *string_area_n if (size <= 0) size = ARENA_SIZE; - a = malloc(sizeof(*a)); + a = new(struct string_area); if (!a) out_of_memory("string_area_new"); - a->current = a->base = malloc(size); + a->current = a->base = new_array(char, size); if (!a->current) out_of_memory("string_area_new buffer"); a->end = a->base + size; @@@@ -305,7 +305,6 @@@@ static char *flist_dir; static void flist_expand(struct file_list *flist) { if (flist->count >= flist->malloced) { - size_t new_bytes; void *new_ptr; if (flist->malloced < 1000) @@@@ -313,16 +312,18 @@@@ static void flist_expand(struct file_lis else flist->malloced *= 2; - new_bytes = sizeof(flist->files[0]) * flist->malloced; - if (flist->files) - new_ptr = realloc(flist->files, new_bytes); + new_ptr = realloc_array(flist->files, + struct file_struct *, + flist->malloced); else - new_ptr = malloc(new_bytes); + new_ptr = new_array(struct file_struct *, + flist->malloced); if (verbose >= 2) { rprintf(FINFO, "expand file_list to %.0f bytes, did%s move\n", - (double) new_bytes, + (double)sizeof(flist->files[0]) + * flist->malloced, (new_ptr == flist->files) ? " not" : ""); } @@@@ -480,7 +481,7 @@@@ static void receive_file_entry(struct fi else l2 = read_byte(f); - file = (struct file_struct *) malloc(sizeof(*file)); + file = new(struct file_struct); if (!file) out_of_memory("receive_file_entry"); memset((char *) file, 0, sizeof(*file)); @@@@ -547,7 +548,7 @@@@ static void receive_file_entry(struct fi rprintf(FERROR, "overflow: l=%d\n", l); overflow("receive_file_entry"); } - file->link = (char *) malloc(l + 1); + file->link = new_array(char, l + 1); if (!file->link) out_of_memory("receive_file_entry 2"); read_sbuf(f, file->link, l); @@@@ -568,7 +569,7 @@@@ static void receive_file_entry(struct fi #endif if (always_checksum) { - file->sum = (char *) malloc(MD4_SUM_LENGTH); + file->sum = new_array(char, MD4_SUM_LENGTH); if (!file->sum) out_of_memory("md4 sum"); if (remote_version < 21) { @@@@ -703,7 +704,7 @@@@ struct file_struct *make_file(int f, cha if (verbose > 2) rprintf(FINFO, "make_file(%d,%s)\n", f, fname); - file = (struct file_struct *) malloc(sizeof(*file)); + file = new(struct file_struct); if (!file) out_of_memory("make_file"); memset((char *) file, 0, sizeof(*file)); @@@@ -1051,15 +1052,13 @@@@ struct file_list *recv_file_list(int f) start_read = stats.total_read; - flist = (struct file_list *) malloc(sizeof(flist[0])); + flist = new(struct file_list); if (!flist) goto oom; flist->count = 0; flist->malloced = 1000; - flist->files = - (struct file_struct **) malloc(sizeof(flist->files[0]) * - flist->malloced); + flist->files = new_array(struct file_struct *, flist->malloced); if (!flist->files) goto oom; @@@@ -1201,7 +1200,7 @@@@ struct file_list *flist_new(void) { struct file_list *flist; - flist = (struct file_list *) malloc(sizeof(flist[0])); + flist = new(struct file_list); if (!flist) out_of_memory("send_file_list"); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/hlink.c rsync-2.5.7/hlink.c --- hlink.c.orig 2002-03-25 18:07:03.000000000 +1100 +++ hlink.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -57,9 +57,7 @@@@ void init_hard_links(struct file_list *f if (hlink_list) free(hlink_list); - if (!(hlink_list = - (struct file_struct *) malloc(sizeof(hlink_list[0]) * - flist->count))) + if (!(hlink_list = new_array(struct file_struct, flist->count))) out_of_memory("init_hard_links"); for (i = 0; i < flist->count; i++) diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/io.c rsync-2.5.7/io.c --- io.c.orig 2002-04-11 12:11:50.000000000 +1000 +++ io.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -535,7 +535,7 @@@@ void io_start_buffering(int fd) { if (io_buffer) return; multiplex_out_fd = fd; - io_buffer = (char *)malloc(IO_BUFFER_SIZE); + io_buffer = new_array(char, IO_BUFFER_SIZE); if (!io_buffer) out_of_memory("writefd"); io_buffer_count = 0; } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/loadparm.c rsync-2.5.7/loadparm.c --- loadparm.c.orig 2002-08-31 09:27:26.000000000 +1000 +++ loadparm.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -442,10 +442,10 @@@@ static int add_a_service(service *pservi i = iNumServices; - ServicePtrs = (service **)Realloc(ServicePtrs,sizeof(service *)*num_to_alloc); + ServicePtrs = realloc_array(ServicePtrs, service *, num_to_alloc); if (ServicePtrs) - pSERVICE(iNumServices) = (service *)malloc(sizeof(service)); + pSERVICE(iNumServices) = new(service); if (!ServicePtrs || !pSERVICE(iNumServices)) return(-1); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/log.c rsync-2.5.7/log.c --- log.c.orig 2002-12-24 18:42:04.000000000 +1100 +++ log.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -90,10 +90,10 @@@@ static struct err_list *err_list_tail; static void err_list_add(int code, char *buf, int len) { struct err_list *el; - el = (struct err_list *)malloc(sizeof(*el)); + el = new(struct err_list); if (!el) exit_cleanup(RERR_MALLOC); el->next = NULL; - el->buf = malloc(len+4); + el->buf = new_array(char, len+4); if (!el->buf) exit_cleanup(RERR_MALLOC); memcpy(el->buf+4, buf, len); SIVAL(el->buf, 0, ((code+MPLEX_BASE)<<24) | len); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/match.c rsync-2.5.7/match.c --- match.c.orig 2002-04-09 16:11:06.000000000 +1000 +++ match.c 2003-12-04 15:23:29.000000000 +1100 @@@@ -65,9 +65,9 @@@@ static void build_hash_table(struct sum_ int i; if (!tag_table) - tag_table = (int *)malloc(sizeof(tag_table[0])*TABLESIZE); + tag_table = new_array(int, TABLESIZE); - targets = (struct target *)malloc(sizeof(targets[0])*s->count); + targets = new_array(struct target, s->count); if (!tag_table || !targets) out_of_memory("build_hash_table"); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/params.c rsync-2.5.7/params.c --- params.c.orig 2003-01-27 07:07:55.000000000 +1100 +++ params.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -207,7 +207,7 @@@@ static BOOL Section( FILE *InFile, BOOL if( i > (bSize - 2) ) { bSize += BUFR_INC; - bufr = Realloc( bufr, bSize ); + bufr = realloc_array( bufr, char, bSize ); if( NULL == bufr ) { rprintf(FERROR, "%s Memory re-allocation failure.", func); @@@@ -301,7 +301,7 @@@@ static BOOL Parameter( FILE *InFile, BOO if( i > (bSize - 2) ) /* Ensure there's space for next char. */ { bSize += BUFR_INC; - bufr = Realloc( bufr, bSize ); + bufr = realloc_array( bufr, char, bSize ); if( NULL == bufr ) { rprintf(FERROR, "%s Memory re-allocation failure.", func) ; @@@@ -366,7 +366,7 @@@@ static BOOL Parameter( FILE *InFile, BOO if( i > (bSize - 2) ) /* Make sure there's enough room. */ { bSize += BUFR_INC; - bufr = Realloc( bufr, bSize ); + bufr = realloc_array( bufr, char, bSize ); if( NULL == bufr ) { rprintf(FERROR, "%s Memory re-allocation failure.", func) ; @@@@ -530,7 +530,7 @@@@ BOOL pm_process( char *FileName, else /* If we don't have a buffer */ { /* allocate one, then parse, */ bSize = BUFR_INC; /* then free. */ - bufr = (char *)malloc( bSize ); + bufr = new_array( char, bSize ); if( NULL == bufr ) { rprintf(FERROR,"%s memory allocation failure.\n", func); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/proto.h rsync-2.5.7/proto.h --- proto.h.orig 2003-01-27 14:35:09.000000000 +1100 +++ proto.h 2003-12-04 15:23:30.000000000 +1100 @@@@ -254,7 +254,6 @@@@ int name_to_gid(char *name, gid_t *gid); int lock_range(int fd, int offset, int len); void glob_expand(char *base1, char **argv, int *argc, int maxargs); void strlower(char *s); -void *Realloc(void *p, int size); void clean_fname(char *name); void sanitize_path(char *p, char *reldir); char *push_dir(char *dir, int save); @@@@ -265,4 +264,6 @@@@ char *timestring(time_t t); int msleep(int t); int cmp_modtime(time_t file1, time_t file2); int _Insure_trap_error(int a1, int a2, int a3, int a4, int a5, int a6); +void *_new_array(unsigned int size, unsigned long num); +void *_realloc_array(void *ptr, unsigned int size, unsigned long num); int sys_gettimeofday(struct timeval *tv); diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/receiver.c rsync-2.5.7/receiver.c --- receiver.c.orig 2003-01-21 10:32:17.000000000 +1100 +++ receiver.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -67,7 +67,8 @@@@ static void add_delete_entry(struct file { if (dlist_len == dlist_alloc_len) { dlist_alloc_len += 1024; - delete_list = (struct delete_list *)Realloc(delete_list, sizeof(delete_list[0])*dlist_alloc_len); + delete_list = realloc_array(delete_list, struct delete_list, + dlist_alloc_len); if (!delete_list) out_of_memory("add_delete_entry"); } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/rsync.c rsync-2.5.7/rsync.c --- rsync.c.orig 2001-12-21 02:33:13.000000000 +1100 +++ rsync.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -124,7 +124,7 @@@@ static int is_in_group(gid_t gid) /* treat failure (-1) as if not member of any group */ ngroups = getgroups(0, 0); if (ngroups > 0) { - gidset = (GETGROUPS_T *) malloc(ngroups * sizeof(GETGROUPS_T)); + gidset = new_array(GETGROUPS_T, ngroups); ngroups = getgroups(ngroups, gidset); } } diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/rsync.h rsync-2.5.7/rsync.h --- rsync.h.orig 2003-01-27 07:11:16.000000000 +1100 +++ rsync.h 2003-12-04 15:23:30.000000000 +1100 @@@@ -579,6 +579,10 @@@@ extern int errno; #endif +/* Convenient wrappers for malloc and realloc. Use them. */ +#define new(type) ((type *)malloc(sizeof(type))) +#define new_array(type, num) ((type *)_new_array(sizeof(type), (num))) +#define realloc_array(ptr, type, num) ((type *)_realloc_array((ptr), sizeof(type), (num))) /* use magic gcc attributes to catch format errors */ void rprintf(enum logcode , const char *, ...) diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/sender.c rsync-2.5.7/sender.c --- sender.c.orig 2002-04-09 16:03:50.000000000 +1000 +++ sender.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -46,7 +46,7 @@@@ static struct sum_struct *receive_sums(i int i; OFF_T offset = 0; - s = (struct sum_struct *)malloc(sizeof(*s)); + s = new(struct sum_struct); if (!s) out_of_memory("receive_sums"); s->count = read_int(f); @@@@ -61,7 +61,7 @@@@ static struct sum_struct *receive_sums(i if (s->count == 0) return(s); - s->sums = (struct sum_buf *)malloc(sizeof(s->sums[0])*s->count); + s->sums = new_array(struct sum_buf, s->count); if (!s->sums) out_of_memory("receive_sums"); for (i=0; i < (int) s->count;i++) { diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/token.c rsync-2.5.7/token.c --- token.c.orig 2002-04-08 18:35:30.000000000 +1000 +++ token.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -68,7 +68,7 @@@@ static int simple_recv_token(int f,char int n; if (!buf) { - buf = (char *)malloc(CHUNK_SIZE); + buf = new_array(char, CHUNK_SIZE); if (!buf) out_of_memory("simple_recv_token"); } @@@@ -160,7 +160,7 @@@@ send_deflated_token(int f, int token, rprintf(FERROR, "compression init failed\n"); exit_cleanup(RERR_STREAMIO); } - if ((obuf = malloc(MAX_DATA_COUNT+2)) == NULL) + if ((obuf = new_array(char, MAX_DATA_COUNT+2)) == NULL) out_of_memory("send_deflated_token"); init_done = 1; } else @@@@ -322,8 +322,8 @@@@ recv_deflated_token(int f, char **data) rprintf(FERROR, "inflate init failed\n"); exit_cleanup(RERR_STREAMIO); } - if ((cbuf = malloc(MAX_DATA_COUNT)) == NULL - || (dbuf = malloc(CHUNK_SIZE)) == NULL) + if (!(cbuf = new_array(char, MAX_DATA_COUNT)) + || !(dbuf = new_array(char, CHUNK_SIZE))) out_of_memory("recv_deflated_token"); init_done = 1; } else { diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/uidlist.c rsync-2.5.7/uidlist.c --- uidlist.c.orig 1999-03-02 08:16:50.000000000 +1100 +++ uidlist.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -41,7 +41,7 @@@@ static struct idlist *gidlist; static struct idlist *add_list(int id, char *name) { - struct idlist *list = (struct idlist *)malloc(sizeof(list[0])); + struct idlist *list = new(struct idlist); if (!list) out_of_memory("add_list"); list->next = NULL; list->name = strdup(name); @@@@ -241,7 +241,7 @@@@ void recv_uid_list(int f, struct file_li id = read_int(f); while (id != 0) { int len = read_byte(f); - name = (char *)malloc(len+1); + name = new_array(char, len+1); if (!name) out_of_memory("recv_uid_list"); read_sbuf(f, name, len); if (!list) { @@@@ -264,7 +264,7 @@@@ void recv_uid_list(int f, struct file_li id = read_int(f); while (id != 0) { int len = read_byte(f); - name = (char *)malloc(len+1); + name = new_array(char, len+1); if (!name) out_of_memory("recv_uid_list"); read_sbuf(f, name, len); if (!list) { diff -x '*tmpl' -x .cvsignore -r -x cvs.log -x CVS -x config.log -upd -N rsync-2.5.6/util.c rsync-2.5.7/util.c --- util.c.orig 2003-01-20 08:37:11.000000000 +1100 +++ util.c 2003-12-04 15:23:30.000000000 +1100 @@@@ -538,13 +538,6 @@@@ void strlower(char *s) } } -void *Realloc(void *p, int size) -{ - if (!p) return (void *)malloc(size); - return (void *)realloc(p, size); -} - - void clean_fname(char *name) { char *p; @@@@ -941,3 +934,23 @@@@ int _Insure_trap_error(int a1, int a2, i return ret; } #endif + + +#define MALLOC_MAX 0x40000000 + +void *_new_array(unsigned int size, unsigned long num) +{ + if (num >= MALLOC_MAX/size) + return NULL; + return malloc(size * num); +} + +void *_realloc_array(void *ptr, unsigned int size, unsigned long num) +{ + if (num >= MALLOC_MAX/size) + return NULL; + /* No realloc should need this, but just in case... */ + if (!ptr) + return malloc(size * num); + return realloc(ptr, size * num); +} @ 1.3.2.1.2.2 log @SA-2004.025-rsync; CAN-2004-0426 @ text @a581 75 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0426 rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path. Index: util.c --- util.c.256 2003-01-19 22:37:11.000000000 +0100 +++ util.c 2004-05-21 15:16:56.000000000 +0200 @@@@ -699,7 +692,7 @@@@ } -static char curr_dir[MAXPATHLEN]; +char curr_dir[MAXPATHLEN]; /** * Like chdir() but can be reversed with pop_dir() if @@p save is set. Index: options.c --- options.c.256 2003-01-28 04:11:57.000000000 +0100 +++ options.c 2004-05-21 14:40:47.000000000 +0200 @@@@ -21,6 +21,8 @@@@ #include "rsync.h" #include "popt.h" +extern int sanitize_paths; +extern char curr_dir[MAXPATHLEN]; int make_backups = 0; /** @@@@ -450,6 +452,7 @@@@ { int opt; char *ref = lp_refuse_options(module_id); + char *arg; poptContext pc; /* TODO: Call poptReadDefaultConfig; handle errors. */ @@@@ -504,11 +507,17 @@@@ break; case OPT_EXCLUDE_FROM: - add_exclude_file(poptGetOptArg(pc), 1, 0); + arg = (char *)poptGetOptArg(pc); + if (sanitize_paths) + sanitize_path(arg, curr_dir); + add_exclude_file(arg, 1, 0); break; case OPT_INCLUDE_FROM: - add_exclude_file(poptGetOptArg(pc), 1, 1); + arg = (char *)poptGetOptArg(pc); + if (sanitize_paths) + sanitize_path(arg, curr_dir); + add_exclude_file(arg, 1, 1); break; case OPT_WHOLE_FILE: @@@@ -637,6 +646,15 @@@@ else *argc = 0; + if (sanitize_paths) { + if (tmpdir) + sanitize_path(tmpdir, curr_dir); + if (compare_dest) + sanitize_path(compare_dest, curr_dir); + if (backup_dir) + sanitize_path(backup_dir, curr_dir); + } + return 1; } @ 1.2 log @fix rsync patch for Linux @ text @d44 18 @ 1.1 log @ops, add missing patch @ text @d24 1 a24 1 @@@@ -113,10 +113,6 @@@@ d29 5 a33 7 -#include -#endif - #ifdef TIME_WITH_SYS_TIME #include #include @@@@ -181,10 +177,6 @@@@ @