poky/meta/recipes-devtools/rsync/files/CVE-2024-12087-0001.patch

From 688f5c379a433038bde36897a156d589be373a98 Mon Sep 17 00:00:00 2001
From: Wayne Davison <wayne@opencoder.net>
Date: Thu, 14 Nov 2024 15:46:50 -0800
Subject: [PATCH] Refuse a duplicate dirlist.

CVE: CVE-2024-12087

Upstream-Status: Backport [https://git.samba.org/?p=rsync.git;a=commit;h=688f5c379a433038bde36897a156d589be373a98]

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
 flist.c | 9 +++++++++
 rsync.h | 1 +
 2 files changed, 10 insertions(+)

diff --git a/flist.c b/flist.c
index 464d556e..847b1054 100644
--- a/flist.c
+++ b/flist.c
@@ -2584,6 +2584,15 @@ struct file_list *recv_file_list(int f, int dir_ndx)
		init_hard_links();
 #endif

+	if (inc_recurse && dir_ndx >= 0) {
+		struct file_struct *file = dir_flist->files[dir_ndx];
+		if (file->flags & FLAG_GOT_DIR_FLIST) {
+			rprintf(FERROR_XFER, "rsync: refusing malicious duplicate flist for dir %d\n", dir_ndx);
+			exit_cleanup(RERR_PROTOCOL);
+		}
+		file->flags |= FLAG_GOT_DIR_FLIST;
+	}
+
	flist = flist_new(0, "recv_file_list");
	flist_expand(flist, FLIST_START_LARGE);

diff --git a/rsync.h b/rsync.h
index 0f9e277f..b9a7101a 100644
--- a/rsync.h
+++ b/rsync.h
@@ -84,6 +84,7 @@
 #define FLAG_DUPLICATE (1<<4)	/* sender */
 #define FLAG_MISSING_DIR (1<<4)	/* generator */
 #define FLAG_HLINKED (1<<5)	/* receiver/generator (checked on all types) */
+#define FLAG_GOT_DIR_FLIST (1<<5)/* sender/receiver/generator - dir_flist only */
 #define FLAG_HLINK_FIRST (1<<6)	/* receiver/generator (w/FLAG_HLINKED) */
 #define FLAG_IMPLIED_DIR (1<<6)	/* sender/receiver/generator (dirs only) */
 #define FLAG_HLINK_LAST (1<<7)	/* receiver/generator */
--
2.40.0