From fb22dddccfd8ff0dd81fbeb116fc9159a610b52d Mon Sep 17 00:00:00 2001
From: ghen
Date: Thu, 23 Aug 2007 14:18:51 +0000
Subject: Pullup ticket 2179 - requested by tron

security fix for rsync

- pkgsrc/net/rsync/Makefile 1.68
- pkgsrc/net/rsync/distinfo 1.26
- pkgsrc/net/rsync/patches/patch-aa 1.11

Module Name:	pkgsrc
Committed By:	tron
Date:		Thu Aug 23 13:47:51 UTC 2007

Modified Files:
	pkgsrc/net/rsync: Makefile distinfo
Added Files:
	pkgsrc/net/rsync/patches: patch-aa

Log Message:
Add SuSE's patch to fix the vulnerability reported in CVE-2007-4091.
Bump package revision.
---
 net/rsync/Makefile         |  3 ++-
 net/rsync/distinfo         |  3 ++-
 net/rsync/patches/patch-aa | 62 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 66 insertions(+), 2 deletions(-)
 create mode 100644 net/rsync/patches/patch-aa

diff --git a/net/rsync/Makefile b/net/rsync/Makefile
index 4b3f46e57e7..0b7a21a9256 100644
--- a/net/rsync/Makefile
+++ b/net/rsync/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.67 2006/11/18 09:12:53 adam Exp $
+# $NetBSD: Makefile,v 1.67.6.1 2007/08/23 14:18:51 ghen Exp $
 
 DISTNAME=	rsync-2.6.9
 CATEGORIES=	net
+PKGREVISION=	1
 MASTER_SITES=	http://rsync.samba.org/ftp/rsync/ \
 		ftp://rsync.samba.org/pub/rsync/ \
 		http://rsync.samba.org/ftp/rsync/old-versions/ \
diff --git a/net/rsync/distinfo b/net/rsync/distinfo
index 41809e042a4..02a91c907ba 100644
--- a/net/rsync/distinfo
+++ b/net/rsync/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.25 2006/11/18 09:12:53 adam Exp $
+$NetBSD: distinfo,v 1.25.6.1 2007/08/23 14:18:51 ghen Exp $
 
 SHA1 (rsync-2.6.9.tar.gz) = 341618e230ea2e0e551d0ccf06f840d4f824c843
 RMD160 (rsync-2.6.9.tar.gz) = 36d270d9f01e9a8e808f426196796001bdd3d5d2
 Size (rsync-2.6.9.tar.gz) = 811841 bytes
+SHA1 (patch-aa) = f8193d10197d44f78d923b9c2e4809072d25e988
 SHA1 (patch-ab) = 1666dbc37c04c219886b2e5d160792e9b9e2b97d
diff --git a/net/rsync/patches/patch-aa b/net/rsync/patches/patch-aa
new file mode 100644
index 00000000000..a17ada35da8
--- /dev/null
+++ b/net/rsync/patches/patch-aa
@@ -0,0 +1,62 @@
+$NetBSD: patch-aa,v 1.10.22.1 2007/08/23 14:19:11 ghen Exp $
+
+--- sender.c.orig	2006-09-20 02:53:32.000000000 +0100
++++ sender.c	2007-08-23 14:43:38.000000000 +0100
+@@ -123,6 +123,7 @@
+ 	char fname[MAXPATHLEN];
+ 	struct file_struct *file;
+ 	unsigned int offset;
++	size_t l = 0;
+ 
+ 	if (ndx < 0 || ndx >= the_file_list->count)
+ 		return;
+@@ -133,6 +134,20 @@
+ 			file->dir.root, "/", NULL);
+ 	} else
+ 		offset = 0;
++
++	l = offset + 1;
++	if (file) {
++		if (file->dirname)
++			l += strlen(file->dirname);
++		if (file->basename)
++			l += strlen(file->basename);
++	}
++
++	if (l >= sizeof(fname)) {
++		rprintf(FERROR, "Overlong pathname\n");
++		exit_cleanup(RERR_FILESELECT);
++	}
++
+ 	f_name(file, fname + offset);
+ 	if (remove_source_files) {
+ 		if (do_unlink(fname) == 0) {
+@@ -224,6 +239,7 @@
+ 	enum logcode log_code = log_before_transfer ? FLOG : FINFO;
+ 	int f_xfer = write_batch < 0 ? batch_fd : f_out;
+ 	int i, j;
++	size_t l = 0;
+ 
+ 	if (verbose > 2)
+ 		rprintf(FINFO, "send_files starting\n");
+@@ -259,6 +275,20 @@
+ 		fname[offset++] = '/';
+ 	} else
+ 		offset = 0;
++
++	l = offset + 1;
++	if (file) {
++		if (file->dirname)
++			l += strlen(file->dirname);
++		if (file->basename)
++			l += strlen(file->basename);
++	}
++
++	if (l >= sizeof(fname)) {
++		rprintf(FERROR, "Overlong pathname\n");
++		exit_cleanup(RERR_FILESELECT);
++	}
++
+ 	fname2 = f_name(file, fname + offset);
+ 
+ 	if (verbose > 2)
-- 
cgit v1.2.3
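Review bot: The same fourteen-line length guard is pasted verbatim before both `f_name(file, fname + offset)` call sites in sender.c (inner hunks at -133 and -259), and nothing in it explains what the `+ 1` and the `>=` are budgeting for, so a later change to how f_name joins dirname and basename would silently desynchronise two copies of the arithmetic. The guard appears to reserve one byte for the separator via `offset + 1` and one for the NUL via `>=`, but f_name's formatting is outside this hunk, so that reading is an assumption to confirm against flist.c; it should be recorded in a comment such as `/* must hold dirname + '/' + basename + NUL after offset; keep in step with f_name() */`. Both enclosing functions start and end outside the hunk, and at the second site the declaration of `fname` is not visible, so `sizeof(fname)` is only correct there if it is a `char fname[MAXPATHLEN]` array as at the first site. I would fold the guard into one static helper that takes the buffer size explicitly and call it from both sites, which also removes the two `size_t l = 0;` locals.
```c
/* Abort the transfer if dirname + '/' + basename + NUL would overrun
 * bufsize bytes starting at offset.  Must stay in step with f_name(). */
static void check_fname_len(const struct file_struct *file,
			    size_t offset, size_t bufsize)
{
	size_t l = offset + 1;		/* '/' between dirname and basename */
	if (file) {
		if (file->dirname)
			l += strlen(file->dirname);
		if (file->basename)
			l += strlen(file->basename);
	}
	if (l >= bufsize) {		/* >= leaves room for the NUL */
		rprintf(FERROR, "Overlong pathname\n");
		exit_cleanup(RERR_FILESELECT);
	}
}

/* … unchanged: first call site … */
	check_fname_len(file, offset, sizeof fname);
	f_name(file, fname + offset);

/* … unchanged: second call site … */
	check_fname_len(file, offset, sizeof fname);
	fname2 = f_name(file, fname + offset);
```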