aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/rsync-CVE-2017-17433.patch
blob: 84e4067509e5d8ee75f2bc3f1fe9a3d366955ed9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17433
https://git.samba.org/?p=rsync.git;a=patch;h=3e06d40029cfdce9d0f73d87cfd4edaf54be9c51

From 3e06d40029cfdce9d0f73d87cfd4edaf54be9c51 Mon Sep 17 00:00:00 2001
From: Jeriko One <jeriko.one@gmx.us>
Date: Thu, 2 Nov 2017 23:44:19 -0700
Subject: [PATCH] Check fname in recv_files sooner.

---
 receiver.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/receiver.c b/receiver.c
index baae3a9..9fdafa1 100644
--- a/receiver.c
+++ b/receiver.c
@@ -574,6 +574,12 @@ int recv_files(int f_in, int f_out, char *local_name)
 			file = dir_flist->files[cur_flist->parent_ndx];
 		fname = local_name ? local_name : f_name(file, fbuf);
 
+		if (daemon_filter_list.head
+		    && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
+			rprintf(FERROR, "attempt to hack rsync failed.\n");
+			exit_cleanup(RERR_PROTOCOL);
+		}
+
 		if (DEBUG_GTE(RECV, 1))
 			rprintf(FINFO, "recv_files(%s)\n", fname);
 
@@ -645,12 +651,6 @@ int recv_files(int f_in, int f_out, char *local_name)
 
 		cleanup_got_literal = 0;
 
-		if (daemon_filter_list.head
-		    && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
-			rprintf(FERROR, "attempt to hack rsync failed.\n");
-			exit_cleanup(RERR_PROTOCOL);
-		}
-
 		if (read_batch) {
 			int wanted = redoing
 				   ? we_want_redo(ndx)
-- 
1.9.1