mirror of
https://git.yoctoproject.org/poky
synced 2026-02-24 10:29:40 +01:00
5d60b24103
A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. (From OE-Core rev: 3fd8bea3e72573cca03cd3f6f4fc077cd2fd45a3) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
33 lines
929 B
Diff
33 lines
929 B
Diff
From 589b0691e59f761ccb05ddb8e1124991440db2c7 Mon Sep 17 00:00:00 2001
|
|
From: Andrew Tridgell <andrew@tridgell.net>
|
|
Date: Thu, 14 Nov 2024 09:57:08 +1100
|
|
Subject: [PATCH] prevent information leak off the stack
|
|
|
|
prevent leak of uninitialised stack data in hash_search
|
|
|
|
CVE: CVE-2024-12085
|
|
|
|
Upstream-Status: Backport [https://git.samba.org/?p=rsync.git;a=commit;h=589b0691e59f761ccb05ddb8e1124991440db2c7]
|
|
|
|
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
|
|
---
|
|
match.c | 3 +++
|
|
1 file changed, 3 insertions(+)
|
|
|
|
diff --git a/match.c b/match.c
|
|
index 36e78ed2..dfd6af2c 100644
|
|
--- a/match.c
|
|
+++ b/match.c
|
|
@@ -147,6 +147,9 @@ static void hash_search(int f,struct sum_struct *s,
|
|
int more;
|
|
schar *map;
|
|
|
|
+ // prevent possible memory leaks
|
|
+ memset(sum2, 0, sizeof sum2);
|
|
+
|
|
/* want_i is used to encourage adjacent matches, allowing the RLL
|
|
* coding of the output to work more efficiently. */
|
|
want_i = 0;
|
|
--
|
|
2.40.0
|