mirror/rsync
1
0
Fork 0
mirror of https://github.com/RsyncProject/rsync.git synced 2026-05-31 18:26:12 -04:00
Code Issues Packages Projects Releases Wiki Activity

util: fixed issue in clean_fname()

Browse Source 
fixes buffer underflow (not exploitable) in clean_fname
This commit is contained in:
Andrew Tridgell
2025-08-23 19:14:59 +10:00
parent 841ab71c7c
commit 934a6bec96
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
util1.c
View File

@@ -942,7 +942,7 @@ int count_dir_elements(const char *p)
* resulting name would be empty, returns ".". */
int clean_fname(char *name, int flags)
{
char *limit = name - 1, *t = name, *f = name;
char *limit = name, *t = name, *f = name;
int anchored;
if (!name)
@@ -987,9 +987,13 @@ int clean_fname(char *name, int flags)
f += 2;
continue;
}
while (s > limit && *--s != '/') {}
if (s != t - 1 && (s < name || *s == '/')) {
t = s + 1;
/* backing up for ".." — avoid reading before 'name' */
while (s > limit && s[-1] != '/')
s--;
/* If found prior '/', or we reached the start, adjust t. */
if (s != t - 1 && (s <= name || *s == '/')) {
t = (s == name) ? name : s + 1;
f += 2;
continue;
}