rsync/backport-Fix-overflow-of-sum2-buffer-for-sha1-rolling-checksu.patch

From 0f599d3641bd197ff01f5182fad33169aa46a055 Mon Sep 17 00:00:00 2001
From: Wayne Davison <wayne@opencoder.net>
Date: Sat, 22 Apr 2023 08:49:48 -0700
Subject: [PATCH 1/1] Fix overflow of sum2 buffer for sha1 rolling checksums.
 Fixed #353.

---
 checksum.c  | 1 +
 generator.c | 2 +-
 match.c     | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/checksum.c b/checksum.c
index c6007f36..cd741d1b 100644
--- a/checksum.c
+++ b/checksum.c
@@ -300,6 +300,7 @@ uint32 get_checksum1(char *buf1, int32 len)
 }
 #endif
 
+/* The "sum" buffer must be at least MAX_DIGEST_LEN bytes! */
 void get_checksum2(char *buf, int32 len, char *sum)
 {
 #ifdef USE_OPENSSL
diff --git a/generator.c b/generator.c
index 21c4a595..557769e6 100644
--- a/generator.c
+++ b/generator.c
@@ -783,7 +783,7 @@ static int generate_and_send_sums(int fd, OFF_T len, int f_out, int f_copy)
 	for (i = 0; i < sum.count; i++) {
 		int32 n1 = (int32)MIN(len, (OFF_T)sum.blength);
 		char *map = map_ptr(mapbuf, offset, n1);
-		char sum2[SUM_LENGTH];
+		char sum2[MAX_DIGEST_LEN];
 		uint32 sum1;
 
 		len -= n1;
diff --git a/match.c b/match.c
index 6243994c..192b154a 100644
--- a/match.c
+++ b/match.c
@@ -142,7 +142,7 @@ static void hash_search(int f,struct sum_struct *s,
 {
 	OFF_T offset, aligned_offset, end;
 	int32 k, want_i, aligned_i, backup;
-	char sum2[SUM_LENGTH];
+	char sum2[MAX_DIGEST_LEN];
 	uint32 s1, s2, sum;
 	int more;
 	schar *map;
-- 
2.25.1
Fix overflow of sum2 buffer for sha1 rolling checksums. (cherry picked from commit 0003436db88b21aa28294ae174ef678d824bf17f) 2024-07-11 14:17:07 +08:00			`From 0f599d3641bd197ff01f5182fad33169aa46a055 Mon Sep 17 00:00:00 2001`
			`From: Wayne Davison <wayne@opencoder.net>`
			`Date: Sat, 22 Apr 2023 08:49:48 -0700`
			`Subject: [PATCH 1/1] Fix overflow of sum2 buffer for sha1 rolling checksums.`
			`Fixed #353.`

			`---`
			`checksum.c \| 1 +`
			`generator.c \| 2 +-`
			`match.c \| 2 +-`
			`3 files changed, 3 insertions(+), 2 deletions(-)`

			`diff --git a/checksum.c b/checksum.c`
			`index c6007f36..cd741d1b 100644`
			`--- a/checksum.c`
			`+++ b/checksum.c`
			`@@ -300,6 +300,7 @@ uint32 get_checksum1(char *buf1, int32 len)`
			`}`
			`#endif`

			`+/* The "sum" buffer must be at least MAX_DIGEST_LEN bytes! */`
			`void get_checksum2(char buf, int32 len, char sum)`
			`{`
			`#ifdef USE_OPENSSL`
			`diff --git a/generator.c b/generator.c`
			`index 21c4a595..557769e6 100644`
			`--- a/generator.c`
			`+++ b/generator.c`
			`@@ -783,7 +783,7 @@ static int generate_and_send_sums(int fd, OFF_T len, int f_out, int f_copy)`
			`for (i = 0; i < sum.count; i++) {`
			`int32 n1 = (int32)MIN(len, (OFF_T)sum.blength);`
			`char *map = map_ptr(mapbuf, offset, n1);`
			`- char sum2[SUM_LENGTH];`
			`+ char sum2[MAX_DIGEST_LEN];`
			`uint32 sum1;`

			`len -= n1;`
			`diff --git a/match.c b/match.c`
			`index 6243994c..192b154a 100644`
			`--- a/match.c`
			`+++ b/match.c`
			`@@ -142,7 +142,7 @@ static void hash_search(int f,struct sum_struct *s,`
			`{`
			`OFF_T offset, aligned_offset, end;`
			`int32 k, want_i, aligned_i, backup;`
			`- char sum2[SUM_LENGTH];`
			`+ char sum2[MAX_DIGEST_LEN];`
			`uint32 s1, s2, sum;`
			`int more;`
			`schar *map;`
			`--`
			`2.25.1`