author | Wayne Davison <wayned@samba.org> | 2015-05-11 12:36:20 -0700 |
---|---|---|
committer | Wayne Davison <wayned@samba.org> | 2015-05-11 12:36:20 -0700 |
commit | eac858085e3ac94ec0ab5061d11f52652c90a869 (patch) | |
tree | 17f222f453f33055cfdfa02557cad96d792e5488 /checksum.c | |
parent | 2ac35b45071c7bfd8be6be41bfd45326f1f57bce (diff) | |
Add compat flag to allow proper seed checksum order.
Fixes the equivalent of librsync's CVE-2014-8242 issue.
Diffstat (limited to 'checksum.c')
-rw-r--r-- | checksum.c | 17 |
1 files changed, 13 insertions, 4 deletions
@@ -23,6 +23,7 @@
 extern int checksum_seed;
 extern int protocol_version;
+extern int proper_seed_order;
 /*
 a simple 32 bit checksum that can be upadted from either end
@@ -54,10 +55,18 @@ void get_checksum2(char *buf, int32 len, char *sum)
 if (protocol_version >= 30) {
 uchar seedbuf[4];
 md5_begin(&m);
- md5_update(&m, (uchar *)buf, len);
- if (checksum_seed) {
- SIVALu(seedbuf, 0, checksum_seed);
- md5_update(&m, seedbuf, 4);
+ if (proper_seed_order) {
+ if (checksum_seed) {
+ SIVALu(seedbuf, 0, checksum_seed);
+ md5_update(&m, seedbuf, 4);
+ }
+ md5_update(&m, (uchar *)buf, len);
+ } else {
+ md5_update(&m, (uchar *)buf, len);
+ if (checksum_seed) {
+ SIVALu(seedbuf, 0, checksum_seed);
+ md5_update(&m, seedbuf, 4);
+ }
 }
 md5_result(&m, (uchar *)sum);
 } else { |
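Review bot: In the new `proper_seed_order` branch of get_checksum2 the seed is still skipped when `checksum_seed` is zero, so in that case both orders hash only the buffer and the reordering adds no protection against collisions prepared in advance; whether a zero seed can reach this function is not visible in the hunk and should be confirmed. The branch also carries no comment saying why the order matters, which makes the two near-identical arms easy to merge or swap in a later cleanup. I would add `/* Seed first: a collision prepared for the data alone must not survive the seeded hash (cf. CVE-2014-8242). */` above `if (proper_seed_order)` and `/* Legacy order: presumably kept for peers that do not negotiate the compat flag. */` above the inner `else`. The function starts and ends outside the hunk, and the pre-30 path after the final `} else {` is not shown, so this applies only to the MD5 path.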