summary refs log tree commit diff
path: root/pkgs/applications/networking/sync
diff options
context:
space:
mode:
authorJörg Thalheim2023-11-06 13:47:27 +0100
committerJörg Thalheim2023-11-07 13:59:47 +0100
commit5490442319a1b4a2cc95a60a1be223ed86501beb (patch)
tree66327f86e229b74287fb4c6ec3c86c32c3c4f5b7 /pkgs/applications/networking/sync
parent7790e79cb0daa32c9f2845a5e81a740fd95ed398 (diff)
rsync: fix regression with _FORTIFY_SOURCE=2
See https://github.com/WayneD/rsync/issues/511 for details.
Not using fetchpatch, because I didn't found a raw link for opensuse's repository
Diffstat (limited to 'pkgs/applications/networking/sync')
-rw-r--r--pkgs/applications/networking/sync/rsync/default.nix6
-rw-r--r--pkgs/applications/networking/sync/rsync/rsync-fortified-strlcpy-fix.patch49
2 files changed, 55 insertions, 0 deletions
diff --git a/pkgs/applications/networking/sync/rsync/default.nix b/pkgs/applications/networking/sync/rsync/default.nix
index 9df26b6bb845..1baf1c40eb14 100644
--- a/pkgs/applications/networking/sync/rsync/default.nix
+++ b/pkgs/applications/networking/sync/rsync/default.nix
@@ -30,6 +30,12 @@ stdenv.mkDerivation rec {
 
   nativeBuildInputs = [ perl ];
 
+  patches = [
+    # https://github.com/WayneD/rsync/issues/511#issuecomment-1774612577
+    # original source: https://build.opensuse.org/package/view_file/network/rsync/rsync-fortified-strlcpy-fix.patch?expand=1&rev=3f8dd2f4a404c96c0f69176e60893714
+    ./rsync-fortified-strlcpy-fix.patch
+  ];
+
   buildInputs = [ libiconv zlib popt ]
     ++ lib.optional enableACLs acl
     ++ lib.optional enableZstd zstd
diff --git a/pkgs/applications/networking/sync/rsync/rsync-fortified-strlcpy-fix.patch b/pkgs/applications/networking/sync/rsync/rsync-fortified-strlcpy-fix.patch
new file mode 100644
index 000000000000..296445b4bb56
--- /dev/null
+++ b/pkgs/applications/networking/sync/rsync/rsync-fortified-strlcpy-fix.patch
@@ -0,0 +1,49 @@
+From 1f83963f59960150e8c46112daa8411324c1f209 Mon Sep 17 00:00:00 2001
+From: Jiri Slaby <jslaby@suse.cz>
+Date: Fri, 18 Aug 2023 08:26:20 +0200
+Subject: [PATCH] exclude: fix crashes with fortified strlcpy()
+
+Fortified (-D_FORTIFY_SOURCE=2 for gcc) builds make strlcpy() crash when
+its third parameter (size) is larger than the buffer:
+  $ rsync -FFXHav '--filter=merge global-rsync-filter' Align-37-43/ xxx
+  sending incremental file list
+  *** buffer overflow detected ***: terminated
+
+It's in the exclude code in setup_merge_file():
+  strlcpy(y, save, MAXPATHLEN);
+
+Note the 'y' pointer was incremented, so it no longer points to memory
+with MAXPATHLEN "owned" bytes.
+
+Fix it by remembering the number of copied bytes into the 'save' buffer
+and use that instead of MAXPATHLEN which is clearly incorrect.
+
+Fixes #511.
+---
+ exclude.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/exclude.c b/exclude.c
+index ffe55b167..1a5de3b9e 100644
+--- a/exclude.c
++++ b/exclude.c
+@@ -720,7 +720,8 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex,
+ 	parent_dirscan = True;
+ 	while (*y) {
+ 		char save[MAXPATHLEN];
+-		strlcpy(save, y, MAXPATHLEN);
++		/* copylen is strlen(y) which is < MAXPATHLEN. +1 for \0 */
++		size_t copylen = strlcpy(save, y, MAXPATHLEN) + 1;
+ 		*y = '\0';
+ 		dirbuf_len = y - dirbuf;
+ 		strlcpy(x, ex->pattern, MAXPATHLEN - (x - buf));
+@@ -734,7 +735,7 @@ static BOOL setup_merge_file(int mergelist_num, filter_rule *ex,
+ 			lp->head = NULL;
+ 		}
+ 		lp->tail = NULL;
+-		strlcpy(y, save, MAXPATHLEN);
++		strlcpy(y, save, copylen);
+ 		while ((*x++ = *y++) != '/') {}
+ 	}
+ 	parent_dirscan = False;
+