From 2f9b963abaa52e44891180fe6c0d1c2219f6686d Mon Sep 17 00:00:00 2001 From: Wayne Davison Date: Tue, 27 Jun 2023 09:01:15 -0700 Subject: [PATCH] Make `--max-alloc=0` safer. Always do size checking in my_alloc(), even for `--max-alloc=0`. --- options.c | 2 ++ rsync.1.md | 3 ++- util2.c | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/options.c b/options.c index 93bbe7b06..fd674754c 100644 --- a/options.c +++ b/options.c @@ -1946,6 +1946,8 @@ int parse_arguments(int *argc_p, const char ***argv_p) goto cleanup; max_alloc = size; } + if (!max_alloc) + max_alloc = SIZE_MAX; if (old_style_args < 0) { if (!am_server && protect_args <= 0 && (arg = getenv("RSYNC_OLD_ARGS")) != NULL && *arg) { diff --git a/rsync.1.md b/rsync.1.md index 894b36632..2ae6f4816 100644 --- a/rsync.1.md +++ b/rsync.1.md @@ -2106,7 +2106,8 @@ expand it. See the [`--max-size`](#opt) option for a description of how SIZE can be specified. The default suffix if none is given is bytes. - Beginning in 3.2.3, a value of 0 specifies no limit. + Beginning in 3.2.7, a value of 0 is an easy way to specify SIZE_MAX (the + largest limit possible). You can set a default value using the environment variable [`RSYNC_MAX_ALLOC`](#) using the same SIZE values as supported by this diff --git a/util2.c b/util2.c index a8609a5d5..3b5a8f414 100644 --- a/util2.c +++ b/util2.c @@ -72,7 +72,7 @@ int msleep(int t) void *my_alloc(void *ptr, size_t num, size_t size, const char *file, int line) { - if (max_alloc && num >= max_alloc/size) { + if (num >= max_alloc/size) { if (!file) return NULL; rprintf(FERROR, "[%s] exceeded --max-alloc=%s setting (file=%s, line=%d)\n",