summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeriko One <jeriko.one@gmx.us>2017-11-02 23:44:19 -0700
committerDongHun Kwak <dh0128.kwak@samsung.com>2021-03-17 11:58:23 +0900
commitf133efba5df6eaffa88a3c5b2e737b9e81f23116 (patch)
tree94871ef9d487be8a5523031ce3aeaf10e6f0b33b
parent302c8faf359c14c806cf27b7f127d2b404921ead (diff)
downloadrsync-f133efba5df6eaffa88a3c5b2e737b9e81f23116.tar.gz
rsync-f133efba5df6eaffa88a3c5b2e737b9e81f23116.tar.bz2
rsync-f133efba5df6eaffa88a3c5b2e737b9e81f23116.zip
[CVE-2017-17433] Check fname in recv_files sooner.
Change-Id: I9bc0f102e154315891912ea21a3ab13ec942ff01 Signed-off-by: DongHun Kwak <dh0128.kwak@samsung.com>
Diffstat
-rw-r--r--receiver.c12
1 files changed, 6 insertions, 6 deletions
diff --git a/receiver.c b/receiver.c
index 4193cb61..52bb4fd0 100644
--- a/receiver.c
+++ b/receiver.c
@@ -580,6 +580,12 @@ int recv_files(int f_in, int f_out, char *local_name)
file = dir_flist->files[cur_flist->parent_ndx];
fname = local_name ? local_name : f_name(file, fbuf);
+ if (daemon_filter_list.head
+ && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
+ rprintf(FERROR, "attempt to hack rsync failed.\n");
+ exit_cleanup(RERR_PROTOCOL);
+ }
+
if (DEBUG_GTE(RECV, 1))
rprintf(FINFO, "recv_files(%s)\n", fname);
@@ -651,12 +657,6 @@ int recv_files(int f_in, int f_out, char *local_name)
cleanup_got_literal = 0;
- if (daemon_filter_list.head
- && check_filter(&daemon_filter_list, FLOG, fname, 0) < 0) {
- rprintf(FERROR, "attempt to hack rsync failed.\n");
- exit_cleanup(RERR_PROTOCOL);
- }
-
if (read_batch) {
int wanted = redoing
? we_want_redo(ndx)
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 21:45:39 +0000