From f5c77be058387a10e6d69af83db8dd5daac00a81 Mon Sep 17 00:00:00 2001
From: panxiaohe <panxh.life@foxmail.com>
Date: Wed, 17 Aug 2022 20:51:37 +0800
Subject: [PATCH] fix CVE-2022-37434

---
 backport-zlib-CVE-2022-37434.patch | 31 ++++++++++++++++++++++++++++++
 rsync.spec                         |  6 +++++-
 2 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 backport-zlib-CVE-2022-37434.patch

diff --git a/backport-zlib-CVE-2022-37434.patch b/backport-zlib-CVE-2022-37434.patch
new file mode 100644
index 0000000..fc115f5
--- /dev/null
+++ b/backport-zlib-CVE-2022-37434.patch
@@ -0,0 +1,31 @@
+From 788f11ea6afeb96f0d84f140192165a1ca12ade4 Mon Sep 17 00:00:00 2001
+From: Wayne Davison <wayne@opencoder.net>
+Date: Sun, 7 Aug 2022 09:27:57 -0700
+Subject: [PATCH] Fix zlib bug with a large gzip header extra field
+
+From zlib commit eff308af425b67093bab25f80f1ae950166bece1.
+Fixes CVE-2022-37434.
+---
+ zlib/inflate.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/zlib/inflate.c b/zlib/inflate.c
+index e43abd9e..d15132ea 100644
+--- a/zlib/inflate.c
++++ b/zlib/inflate.c
+@@ -739,9 +739,10 @@ int flush;
+                 copy = state->length;
+                 if (copy > have) copy = have;
+                 if (copy) {
++                    len = state->head->extra_len - state->length;
+                     if (state->head != Z_NULL &&
+-                        state->head->extra != Z_NULL) {
+-                        len = state->head->extra_len - state->length;
++                        state->head->extra != Z_NULL &&
++                        len < state->head->extra_max) {
+                         zmemcpy(state->head->extra + len, next,
+                                 len + copy > state->head->extra_max ?
+                                 state->head->extra_max - len : copy);
+-- 
+2.27.0
+
diff --git a/rsync.spec b/rsync.spec
index 777a5d5..5c021ae 100644
--- a/rsync.spec
+++ b/rsync.spec
@@ -1,6 +1,6 @@
 Name:           rsync
 Version:        3.2.3
-Release:        2
+Release:        3
 Summary:        Fast incremental file transfer utility
 License:        GPLv3+
 URL:            http://rsync.samba.org/
@@ -20,6 +20,7 @@ Obsoletes:      rsync-daemon
 
 Patch1: backport-Work-around-glibc-lchmod-issue-a-better-way.patch
 Patch2: backport-CVE-2020-14387-rsync-ssl-Verify-the-hostname-in-the-certificate-whe.patch
+Patch3: backport-zlib-CVE-2022-37434.patch
 
 %description
 Rsync is an open source utility that provides fast incremental file transfer.
@@ -80,6 +81,9 @@ install -D -m644 %{SOURCE6} %{buildroot}/%{_unitdir}/rsyncd@.service
 %{_mandir}/man5/rsyncd.conf.5*
 
 %changelog
+* Wed Aug 17 2022 panxiaohe <panxh.life@foxmail.com> - 3.2.3-3
+- fix CVE-2022-37434
+
 * Fri Jun 18 2021 yangzhuangzhuang <yangzhuangzhuang1@huawei.com> - 3.2.3-2
 - Type:bugfix
 - ID:NA
-- 
Gitee