From eb69e042dcddf535ffdb49357a7981e9db09ed87 Mon Sep 17 00:00:00 2001
From: Michal Ruprich <mruprich@redhat.com>
Date: Thu, 18 Aug 2022 10:28:46 +0200
Subject: [PATCH] Resolves: #2116669 - zlib: a heap-based buffer over-read or
 buffer overflow in inflate in inflate.c via a large gzip header extra field

---
 rsync-3.2.3-cve-2022-37434.patch | 16 ++++++++++++++++
 rsync.spec                       |  7 ++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 rsync-3.2.3-cve-2022-37434.patch

diff --git a/rsync-3.2.3-cve-2022-37434.patch b/rsync-3.2.3-cve-2022-37434.patch
new file mode 100644
index 0000000..2f8ec42
--- /dev/null
+++ b/rsync-3.2.3-cve-2022-37434.patch
@@ -0,0 +1,16 @@
+diff --git a/zlib/inflate.c b/zlib/inflate.c
+index e43abd9..bd33c19 100644
+--- a/zlib/inflate.c
++++ b/zlib/inflate.c
+@@ -740,8 +740,9 @@ int flush;
+                 if (copy > have) copy = have;
+                 if (copy) {
+                     if (state->head != Z_NULL &&
+-                        state->head->extra != Z_NULL) {
+-                        len = state->head->extra_len - state->length;
++                        state->head->extra != Z_NULL &&
++                        (len = state->head->extra_len - state->length) <
++			    state->head->extra_max) {
+                         zmemcpy(state->head->extra + len, next,
+                                 len + copy > state->head->extra_max ?
+                                 state->head->extra_max - len : copy);
diff --git a/rsync.spec b/rsync.spec
index f7f95d8..f700564 100644
--- a/rsync.spec
+++ b/rsync.spec
@@ -10,7 +10,7 @@
 Summary: A program for synchronizing files over a network
 Name: rsync
 Version: 3.2.3
-Release: 16%{?dist}
+Release: 17%{?dist}
 URL: https://rsync.samba.org/
 
 Source0: https://download.samba.org/pub/rsync/src/rsync-%{version}%{?prerelease}.tar.gz
@@ -39,6 +39,7 @@ Patch4: rsync-3.2.3-xattr.patch
 Patch5: rsync-3.2.3-segfault.patch
 Patch6: rsync-3.2.3-atimes.patch
 Patch7: rsync-3.1.3-cve-2018-25032.patch
+Patch8: rsync-3.2.3-cve-2022-37434.patch
 
 %description
 Rsync uses a reliable algorithm to bring remote and host files into
@@ -80,6 +81,7 @@ patch -p1 -i patches/copy-devices.diff
 %patch5 -p1 -b .segfault
 %patch6 -p1 -b .atimes
 %patch7 -p1 -b .cve-2018-25032
+%patch8 -p1 -b .cve-2022-37434
 
 %build
 %configure --disable-xxhash
@@ -126,6 +128,9 @@ install -D -m644 %{SOURCE6} $RPM_BUILD_ROOT/%{_unitdir}/rsyncd@.service
 %systemd_postun_with_restart rsyncd.service
 
 %changelog
+* Thu Aug 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-17
+- Resolves: #2116669 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field
+
 * Wed May 18 2022 Michal Ruprich <mruprich@redhat.com> - 3.2.3-16
 - Related: #2081296 - Adding ci.fmf for separation of testing results