From f2e35f10bce775ff4036264309b47df9c3afb480 Mon Sep 17 00:00:00 2001 From: anolis-bot Date: Thu, 10 Nov 2022 14:48:29 +0800 Subject: [PATCH 1/2] update to rsync-3.1.3-19.el8 Signed-off-by: anolis-bot --- dist | 2 +- rsync-3.1.3-cve-2022-37434.patch | 16 ++++ rsync-3.1.3-sparse-block.patch | 122 +++++++++++++++++++++++++++++++ rsync.spec | 45 +++++------- 4 files changed, 158 insertions(+), 27 deletions(-) create mode 100644 rsync-3.1.3-cve-2022-37434.patch create mode 100644 rsync-3.1.3-sparse-block.patch diff --git a/dist b/dist index 0ee7539..9c0e36e 100644 --- a/dist +++ b/dist @@ -1 +1 @@ -an8_6 +an8 diff --git a/rsync-3.1.3-cve-2022-37434.patch b/rsync-3.1.3-cve-2022-37434.patch new file mode 100644 index 0000000..2f8ec42 --- /dev/null +++ b/rsync-3.1.3-cve-2022-37434.patch @@ -0,0 +1,16 @@ +diff --git a/zlib/inflate.c b/zlib/inflate.c +index e43abd9..bd33c19 100644 +--- a/zlib/inflate.c ++++ b/zlib/inflate.c +@@ -740,8 +740,9 @@ int flush; + if (copy > have) copy = have; + if (copy) { + if (state->head != Z_NULL && +- state->head->extra != Z_NULL) { +- len = state->head->extra_len - state->length; ++ state->head->extra != Z_NULL && ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); diff --git a/rsync-3.1.3-sparse-block.patch b/rsync-3.1.3-sparse-block.patch new file mode 100644 index 0000000..ff5d092 --- /dev/null +++ b/rsync-3.1.3-sparse-block.patch 
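Review bot: The new file rsync-3.1.3-cve-2022-37434.patch starts directly at `diff --git a/zlib/inflate.c` with no header saying which upstream zlib change it mirrors, so an auditor cannot check that the bundled copy carries the complete fix. Add a short description block above the diff, for example `CVE-2022-37434: bound the gzip extra-field copy in bundled zlib; upstream zlib commit <upstream-commit-id>`. It should also record that `len` is assigned inside the condition on purpose, because that assignment has to stay after the two `Z_NULL` checks on `state->head`. The enclosing function in inflate.c starts and ends outside the hunk, so the type of `len` and the later use of `state->length` cannot be confirmed from here.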
@@ -0,0 +1,122 @@ +diff --git a/fileio.c b/fileio.c +index b183e20..72d6076 100644 +--- a/fileio.c ++++ b/fileio.c +@@ -34,6 +34,7 @@ + #define ALIGNED_LENGTH(len) ((((len) - 1) | (ALIGN_BOUNDRY-1)) + 1) + + extern int sparse_files; ++extern int sparse_files_block_size; + + OFF_T preallocated_len = 0; + +@@ -147,7 +148,7 @@ int write_file(int f, int use_seek, OFF_T offset, const char *buf, int len) + while (len > 0) { + int r1; + if (sparse_files > 0) { +- int len1 = MIN(len, SPARSE_WRITE_SIZE); ++ int len1 = MIN(len, sparse_files_block_size ? sparse_files_block_size : SPARSE_WRITE_SIZE); + r1 = write_sparse(f, use_seek, offset, buf, len1); + offset += r1; + } else { +diff --git a/options.c b/options.c +index 195672e..d08c05a 100644 +--- a/options.c ++++ b/options.c +@@ -76,6 +76,7 @@ int remove_source_files = 0; + int one_file_system = 0; + int protocol_version = PROTOCOL_VERSION; + int sparse_files = 0; ++long sparse_files_block_size = 0; + int preallocate_files = 0; + int do_compression = 0; + int def_compress_level = NOT_SPECIFIED; +@@ -717,6 +718,7 @@ void usage(enum logcode F) + rprintf(F," --fake-super store/recover privileged attrs using xattrs\n"); + #endif + rprintf(F," -S, --sparse turn sequences of nulls into sparse blocks\n"); ++ rprintf(F," --sparse-block=SIZE set block size used to handle sparse files\n"); + #ifdef SUPPORT_PREALLOCATION + rprintf(F," --preallocate allocate dest files before writing them\n"); + #else +@@ -927,6 +929,7 @@ static struct poptOption long_options[] = { + {"sparse", 'S', POPT_ARG_VAL, &sparse_files, 1, 0, 0 }, + {"no-sparse", 0, POPT_ARG_VAL, &sparse_files, 0, 0, 0 }, + {"no-S", 0, POPT_ARG_VAL, &sparse_files, 0, 0, 0 }, ++ {"sparse-block", 0, POPT_ARG_LONG, &sparse_files_block_size, 0, 0, 0 }, + {"preallocate", 0, POPT_ARG_NONE, &preallocate_files, 0, 0, 0}, + {"inplace", 0, POPT_ARG_VAL, &inplace, 1, 0, 0 }, + {"no-inplace", 0, POPT_ARG_VAL, &inplace, 0, 0, 0 }, +diff --git a/options.c b/options.c +index b12da55..5a27452 
100644 +--- a/options.c ++++ b/options.c +@@ -2606,6 +2606,12 @@ void server_options(char **args, int *argc_p) + args[ac++] = arg; + } + ++ if (sparse_files_block_size) { ++ if (asprintf(&arg, "--sparse-block=%lu", sparse_files_block_size) < 0) ++ goto oom; ++ args[ac++] = arg; ++ } ++ + if (io_timeout) { + if (asprintf(&arg, "--timeout=%d", io_timeout) < 0) + goto oom; +diff --git a/rsync.yo b/rsync.yo +--- a/rsync.yo ++++ b/rsync.yo +@@ -377,6 +377,7 @@ to the detailed description below for a complete description. verb( + --super receiver attempts super-user activities + --fake-super store/recover privileged attrs using xattrs + -S, --sparse turn sequences of nulls into sparse blocks ++ --sparse-block=SIZE set block size used to handle sparse files + --preallocate allocate dest files before writing + -n, --dry-run perform a trial run with no changes made + -W, --whole-file copy files whole (w/o delta-xfer algorithm) +@@ -1299,6 +1300,15 @@ If combined with bf(--sparse), the file will only have sparse blocks (as + opposed to allocated sequences of null bytes) if the kernel version and + filesystem type support creating holes in the allocated data. + ++dit(bf(--sparse-block=SIZE)) Change the block size used to handle sparse files ++to SIZE bytes. This option only has an effect if the bf(--sparse) (bf(-S)) ++option was also specified. The default block size used by rsync to detect a ++file hole is 1024 bytes; when the receiver writes data to the destination file ++and option bf(--sparse) is used, rsync checks every 1024-bytes chunk to detect ++if they are actually filled with data or not. With certain filesystems, ++optimized to receive data streams for example, enlarging this block size can ++strongly increase performance. The option can be used to tune this block size. ++ + dit(bf(-n, --dry-run)) This makes rsync perform a trial run that doesn't + make any changes (and produces mostly the same output as a real run). 
It + is most commonly used in combination with the bf(-v, --verbose) and/or +diff --git a/rsync.1 b/rsync.1 +index 855dd47..1d7af3c 100644 +--- a/rsync.1 ++++ b/rsync.1 +@@ -454,6 +454,7 @@ to the detailed description below for a complete description. + \-\-super receiver attempts super\-user activities + \-\-fake\-super store/recover privileged attrs using xattrs + \-S, \-\-sparse turn sequences of nulls into sparse blocks ++ \-\-sparse-block=SIZE set block size used to handle sparse files + \-\-preallocate allocate dest files before writing + \-n, \-\-dry\-run perform a trial run with no changes made + \-W, \-\-whole\-file copy files whole (w/o delta\-xfer algorithm) +@@ -1493,6 +1493,16 @@ If combined with \fB\-\-sparse\fP, the file will only have sparse blocks (as + opposed to allocated sequences of null bytes) if the kernel version and + filesystem type support creating holes in the allocated data. + .IP ++.IP "\fB\-\-sparse\-block=SIZE\fP" ++Change the block size used to handle sparse files ++to SIZE bytes. This option only has an effect if the \fB\-\-sparse\fP (\fB\-S\fP) ++option was also specified. The default block size used by rsync to detect a ++file hole is 1024 bytes; when the receiver writes data to the destination file ++and option \fB\-\-sparse\fP is used, rsync checks every 1024\-bytes chunk to detect ++if they are actually filled with data or not. With certain filesystems, ++optimized to receive data streams for example, enlarging this block size can ++strongly increase performance. The option can be used to tune this block size. ++.IP + .IP "\fB\-n, \-\-dry\-run\fP" + This makes rsync perform a trial run that doesn\(cq\&t + make any changes (and produces mostly the same output as a real run). It diff --git a/rsync.spec b/rsync.spec index e0dbba8..e6050c5 100644 --- a/rsync.spec +++ b/rsync.spec @@ -1,4 +1,3 @@ -%define anolis_release .0.1 %global _hardened_build 1 %define isprerelease 0 
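Review bot: In the fileio.c hunk the declaration `extern int sparse_files_block_size;` does not match the definition `long sparse_files_block_size = 0;` in options.c, which is undefined behaviour and on an LP64 big-endian build would likely make write_file() read the wrong half of the value; declare it `extern long sparse_files_block_size;`. The value is also used unchecked in `MIN(len, sparse_files_block_size ? ...)`: `POPT_ARG_LONG` accepts negative numbers, so `len1` can become negative before it is handed to write_sparse(), whose body is not visible here. A range check after option parsing that rejects negative values and caps the size would close this, and it matters on both ends because server_options() forwards the option to the remote side. In server_options() the format `--sparse-block=%lu` is applied to a signed long and should be `--sparse-block=%ld`. write_file() and server_options() both extend beyond their hunks.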
@@ -10,7 +9,7 @@ Summary: A program for synchronizing files over a network Name: rsync Version: 3.1.3 -Release: 14%{anolis_release}%{?dist}.3 +Release: 19%{?dist} Group: Applications/Internet URL: http://rsync.samba.org/ @@ -28,9 +27,6 @@ BuildRequires: libacl-devel, libattr-devel, autoconf, popt-devel, systemd Provides: bundled(zlib) = 1.2.8 License: GPLv3+ -Provides: /usr/bin/rsync -Requires: glibc - Patch0: rsync-man.patch Patch1: rsync-3.0.6-iconv-logging.patch Patch2: rsync-3.1.3-covscan.patch @@ -41,7 +37,9 @@ Patch6: rsync-3.1.3-append-check.patch Patch7: rsync-3.1.3-skip-compress.patch Patch8: rsync-3.1.3-xattr.patch Patch9: rsync-3.1.3-cve-2018-25032.patch -Patch10: rsync-3.1.3-cve-2022-29154.patch +Patch10: rsync-3.1.3-sparse-block.patch +Patch11: rsync-3.1.3-cve-2022-29154.patch +Patch12: rsync-3.1.3-cve-2022-37434.patch %description Rsync uses a reliable algorithm to bring remote and host files into @@ -61,14 +59,6 @@ Requires: %{name} = %{version}-%{release} Rsync can be used to offer read only access to anonymous clients. This package provides the anonymous rsync service. -%package doc -Summary: Documents for %{name} -BuildArch: noarch -Requires: %{name} = %{version}-%{release} - -%description doc -Doc pages for %{name}. - %prep # TAG: for pre versions use @@ -97,7 +87,9 @@ patch -p1 -i patches/copy-devices.diff %patch7 -p1 -b .skip-compress %patch8 -p1 -b .xattr %patch9 -p1 -b .cve-2018-25032 -%patch10 -p1 -b .cve-2022-29154 +%patch10 -p1 -b .spars-block +%patch11 -p1 -b .cve-2022-29154 +%patch12 -p1 -b .cve-2022-37434 %build %configure @@ -122,6 +114,7 @@ chmod -x support/* %files %{!?_licensedir:%global license %%doc} %license COPYING +%doc NEWS OLDNEWS README support/ tech_report.tex %{_bindir}/%{name} %{_mandir}/man1/%{name}.1* 
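Review bot: The backup suffix on the new `%patch10` line is misspelled as `-b .spars-block`; use `%patch10 -p1 -b .sparse-block` so the saved originals match the patch name, as the other entries do. The suffix only names the backup copies, so the build is unaffected, but it makes it harder to trace which files rsync-3.1.3-sparse-block.patch touched when auditing the prepared tree.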
@@ -142,21 +135,21 @@ chmod -x support/* %postun daemon %systemd_postun_with_restart rsyncd.service -%files doc -%doc NEWS OLDNEWS README support/ tech_report.tex - %changelog -* Fri Sep 23 2022 Xiaoping Liu - 3.1.3-14.0.1.3 -- Add doc sub package +* Thu Aug 18 2022 Michal Ruprich - 3.1.3-19 +- Resolves: #2116668 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field + +* Mon Aug 15 2022 Michal Ruprich - 3.1.3-18 +- Resolves: #2111175 - remote arbitrary files write inside the directories of connecting peers -* Mon Aug 15 2022 Michal Ruprich - 3.1.3-14.3 -- Resolves: #2111174 - remote arbitrary files write inside the directories of connecting peers +* Mon Aug 08 2022 Michal Ruprich - 3.1.3-17 +- Related: #2043753 - New option should not be sent to the server every time -* Wed Apr 20 2022 Michal Ruprich - 3.1.3-14.2 -- Related: #2074783 - Needed to bump this to rebuild correctly +* Thu Jul 28 2022 Michal Ruprich - 3.1.3-16 +- Resolves: #2043753 - [RFE] Improve defaults for sparse file buffering -* Wed Apr 13 2022 Michal Ruprich - 3.1.3-14.1 -- Resolves: #2074783 - A flaw in zlib-1.2.11 when compressing (not decompressing!) certain inputs +* Tue Apr 12 2022 Michal Ruprich - 3.1.3-15 +- Resolves: #2071513 - A flaw in zlib-1.2.11 when compressing (not decompressing!) certain inputs * Mon Oct 11 2021 Michal Ruprich - 3.1.3-14 - Related: #1907443 - Adding fmf plans to run tests with tmt -- Gitee From c7634fc1b7e42615c562810fa76f0169c49d6f54 Mon Sep 17 00:00:00 2001 From: liuxiaoping Date: Sat, 16 Jul 2022 17:10:34 +0800 Subject: [PATCH 2/2] Add doc sub package --- rsync.spec | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/rsync.spec b/rsync.spec index e6050c5..75ab260 100644 --- a/rsync.spec +++ b/rsync.spec @@ -1,3 +1,4 @@ +%define anolis_release .0.1 %global _hardened_build 1 %define isprerelease 0 
@@ -9,7 +10,7 @@ Summary: A program for synchronizing files over a network Name: rsync Version: 3.1.3 -Release: 19%{?dist} +Release: 19%{anolis_release}%{?dist} Group: Applications/Internet URL: http://rsync.samba.org/ @@ -27,6 +28,9 @@ BuildRequires: libacl-devel, libattr-devel, autoconf, popt-devel, systemd Provides: bundled(zlib) = 1.2.8 License: GPLv3+ +Provides: /usr/bin/rsync +Requires: glibc + Patch0: rsync-man.patch Patch1: rsync-3.0.6-iconv-logging.patch Patch2: rsync-3.1.3-covscan.patch @@ -59,6 +63,14 @@ Requires: %{name} = %{version}-%{release} Rsync can be used to offer read only access to anonymous clients. This package provides the anonymous rsync service. +%package doc +Summary: Documents for %{name} +BuildArch: noarch +Requires: %{name} = %{version}-%{release} + +%description doc +Doc pages for %{name}. + %prep # TAG: for pre versions use @@ -114,7 +126,6 @@ chmod -x support/* %files %{!?_licensedir:%global license %%doc} %license COPYING -%doc NEWS OLDNEWS README support/ tech_report.tex %{_bindir}/%{name} %{_mandir}/man1/%{name}.1* @@ -135,7 +146,13 @@ chmod -x support/* %postun daemon %systemd_postun_with_restart rsyncd.service +%files doc +%doc NEWS OLDNEWS README support/ tech_report.tex + %changelog +* Wed Jan 11 2023 Xiaoping Liu - 3.1.3-19.0.1 +- Add doc sub package + * Thu Aug 18 2022 Michal Ruprich - 3.1.3-19 - Resolves: #2116668 - zlib: a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field -- Gitee