1 files changed, 31 insertions, 0 deletions
diff --git a/meta/recipes-devtools/rsync/files/CVE-2024-12087-0002.patch b/meta/recipes-devtools/rsync/files/CVE-2024-12087-0002.patch
new file mode 100644
index 0000000000..8a22e0c371
--- /dev/null
+++ b/meta/recipes-devtools/rsync/files/CVE-2024-12087-0002.patch
@@ -0,0 +1,31 @@
+From 344327385fa47fa5bb67a32c237735e6240cfb93 Mon Sep 17 00:00:00 2001
+From: Andrew Tridgell <andrew@tridgell.net>
+Date: Tue, 26 Nov 2024 16:12:45 +1100
+Subject: [PATCH] range check dir_ndx before use
+CVE: CVE-2024-12087
+Upstream-Status: Backport [https://git.samba.org/?p=rsync.git;a=commit;h=344327385fa47fa5bb67a32c237735e6240cfb93]
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ flist.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/flist.c b/flist.c
+index 847b1054..087f9da6 100644
+--- a/flist.c
+++ b/flist.c
+@@ -2585,6 +2585,10 @@ struct file_list *recv_file_list(int f, int dir_ndx)
+ #endif
+        if (inc_recurse && dir_ndx >= 0) {
+               if (dir_ndx >= dir_flist->used) {
+                       rprintf(FERROR_XFER, "rsync: refusing invalid dir_ndx %u >= %u\n", dir_ndx, dir_flist->used);
+                       exit_cleanup(RERR_PROTOCOL);
+               }
+                struct file_struct *file = dir_flist->files[dir_ndx];
+                if (file->flags & FLAG_GOT_DIR_FLIST) {
+                        rprintf(FERROR_XFER, "rsync: refusing malicious duplicate flist for dir %d\n", dir_ndx);
+--
+2.40.0

diff --git a/meta/recipes-devtools/rsync/files/CVE-2024-12087-0002.patch b/meta/recipes-devtools/rsync/files/CVE-2024-12087-0002.patch new file mode 100644 index 0000000000..8a22e0c371 --- /dev/null +++ b/meta/recipes-devtools/rsync/files/CVE-2024-12087-0002.patch
@@ -0,0 +1,31 @@
	1	From 344327385fa47fa5bb67a32c237735e6240cfb93 Mon Sep 17 00:00:00 2001
	2	From: Andrew Tridgell <andrew@tridgell.net>
	3	Date: Tue, 26 Nov 2024 16:12:45 +1100
	4	Subject: [PATCH] range check dir_ndx before use
	5
	6	CVE: CVE-2024-12087
	7
	8	Upstream-Status: Backport [https://git.samba.org/?p=rsync.git;a=commit;h=344327385fa47fa5bb67a32c237735e6240cfb93]
	9
	10	Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
	11	---
	12	flist.c \| 4 ++++
	13	1 file changed, 4 insertions(+)
	14
	15	diff --git a/flist.c b/flist.c
	16	index 847b1054..087f9da6 100644
	17	--- a/flist.c
	18	+++ b/flist.c
	19	@@ -2585,6 +2585,10 @@ struct file_list *recv_file_list(int f, int dir_ndx)
	20	#endif
	21
	22	if (inc_recurse && dir_ndx >= 0) {
	23	+ if (dir_ndx >= dir_flist->used) {
	24	+ rprintf(FERROR_XFER, "rsync: refusing invalid dir_ndx %u >= %u\n", dir_ndx, dir_flist->used);
	25	+ exit_cleanup(RERR_PROTOCOL);
	26	+ }
	27	struct file_struct *file = dir_flist->files[dir_ndx];
	28	if (file->flags & FLAG_GOT_DIR_FLIST) {
	29	rprintf(FERROR_XFER, "rsync: refusing malicious duplicate flist for dir %d\n", dir_ndx);
	30	--
	31	2.40.0