From: Wayne Davison <wayne@opencoder.net>
Date: Sat, 22 Apr 2023 15:49:48 +0000 (-0700)
Subject: Fix overflow of sum2 buffer for sha1 rolling checksums.
X-Git-Tag: v3.3.0pre1~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0f599d3641bd197ff01f5182fad33169aa46a055;p=thirdparty%2Frsync.git

Fix overflow of sum2 buffer for sha1 rolling checksums.
Fixed #353.
---

diff --git a/checksum.c b/checksum.c
index c6007f368..cd741d1ba 100644
--- a/checksum.c
+++ b/checksum.c
@@ -300,6 +300,7 @@ uint32 get_checksum1(char *buf1, int32 len)
 }
 #endif
 
+/* The "sum" buffer must be at least MAX_DIGEST_LEN bytes! */
 void get_checksum2(char *buf, int32 len, char *sum)
 {
 #ifdef USE_OPENSSL
diff --git a/generator.c b/generator.c
index 21c4a595a..557769e65 100644
--- a/generator.c
+++ b/generator.c
@@ -783,7 +783,7 @@ static int generate_and_send_sums(int fd, OFF_T len, int f_out, int f_copy)
 	for (i = 0; i < sum.count; i++) {
 		int32 n1 = (int32)MIN(len, (OFF_T)sum.blength);
 		char *map = map_ptr(mapbuf, offset, n1);
-		char sum2[SUM_LENGTH];
+		char sum2[MAX_DIGEST_LEN];
 		uint32 sum1;
 
 		len -= n1;
diff --git a/match.c b/match.c
index 6243994ca..192b154a2 100644
--- a/match.c
+++ b/match.c
@@ -142,7 +142,7 @@ static void hash_search(int f,struct sum_struct *s,
 {
 	OFF_T offset, aligned_offset, end;
 	int32 k, want_i, aligned_i, backup;
-	char sum2[SUM_LENGTH];
+	char sum2[MAX_DIGEST_LEN];
 	uint32 s1, s2, sum;
 	int more;
 	schar *map;