mirror/rsync
1
0
Fork 0
mirror of https://github.com/RsyncProject/rsync.git synced 2026-05-10 07:53:45 -04:00
Code Issues Packages Projects Releases Wiki Activity

xattrs: fixed count in qsort

Browse Source 
this fixes the count passed to the sort of the xattr list. This issue
was reported here:

https://www.openwall.com/lists/oss-security/2026/04/16/2

the bug is not exploitable due to the fork-per-connection design of
rsync, the attack is the equivalent of the user closing the socket
themselves.
This commit is contained in:
Andrew Tridgell
2026-04-22 09:57:45 +10:00
parent d1df0aaf70
commit bb0a8118c2
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
xattrs.c
View File

@@ -860,8 +860,8 @@ void receive_xattr(int f, struct file_struct *file)
rxa->num = num;
}
if (need_sort && count > 1)
qsort(temp_xattr.items, count, sizeof (rsync_xa), rsync_xal_compare_names);
if (need_sort && temp_xattr.count > 1)
qsort(temp_xattr.items, temp_xattr.count, sizeof (rsync_xa), rsync_xal_compare_names);
ndx = rsync_xal_store(&temp_xattr); /* adds item to rsync_xal_l */