Skip to content

@dbaarda dbaarda released this Aug 18, 2019 · 2 commits to master since this release


This is a minor release that exposes a few useful utility functions to librsync.h previously only used by rdiff. It also introduces proper exporting of only public symbols in the librsync.h header. The most important fix is for a memory leak when freeing signatures. Upgrading from v2.0.2 is highly recommended for people using librsync and experiencing memory leak problems, but otherwise not urgent.

Included Changes

  • Bump minor version from 2.0.3 to 2.1.0 to reflect additions to librsync.h.

  • Fix exporting of private symbols from librsync library. Add export of useful large file functions rs_file_open(), rs_file_close(), and rs_file_size() to librsync.h. Add export of rs_signature_log_stats() to log signature hashtable hit/miss stats. Improve rdiff error output. (dbaarda, #130)

  • Updated release process to include stable tarballs. (dbaarda,#146)

  • Remove redundant and broken --paranoia argument from rdiff. (dbaarda, #155)

  • Fix memory leak of rs_signature_t->block_sigs when freeing signatures. (telles-simbiose, #147)

  • Document delta file format. (zmj, #46)

  • Fix up doxygen comments. (dbaarda, #151)

Known Issues

  • The debian package configs are still very out of date.
Assets 3

@dbaarda dbaarda released this Feb 27, 2018 · 31 commits to master since this release


This is a minor point release that includes mainly code cleanups and compatibility fixes for different platforms. Upgrading from v2.0.1 is recommended but not urgent for people who don't require any of these fixes.

Included Changes

  • Improve CMake install paths configuration (wRAR, #133) and platform support checking when cross-compiling (fornwall, #136).

  • Fix Unaligned memory access for rs_block_sig_init() (dbaarda, #135).

  • Fix hashtable_test.c name collision for key_t in sys/types.h on some platforms (dbaarda, #134)

  • Format code with consistent style, adding make tidy and make tidyc targets for reformating code and comments. (dbaarda, #125)

  • Removed perl as a build dependency. Note it is still required for some tests. (dbaarda, #75)

  • Update RPM spec file for v2.0.2 and fix cmake man page install. (deajan, #47)

Known Issues

  • The debian package configs are still very out of date.
Assets 3

@dbaarda dbaarda released this Oct 17, 2017 · 95 commits to master since this release


Although this is only a minor point release it is long overdue and includes a large number of performance improvements and bug fixes. It should be significantly faster than any earlier version, particularly for large files. It should also be more robust and reliable. People are strongly encouraged to upgrade.

Included Changes

  • Extensively reworked Doxygen documentation, now available at (Martin Pool)

  • Removed some declarations from librsync.h that were unimplemented or no
    longer ever useful: rs_work_options, rs_accum_value. Remove
    declaration of unimplemented rs_mdfour_file(). (Martin Pool)

  • Remove shipped snprintf code: no longer acutally linked after changing to
    CMake, and since it's part of C99 it should be widely available.
    (Martin Pool)

  • Document that Ninja ( is supported under CMake.
    It's a bit faster and nicer than Make. (Martin Pool)

  • make check (or ninja check etc) will now build and run the tests.
    Previously due to a CMake limitation, make test would only run existing
    tests and could fail if they weren't built.
    (Martin Pool, #49)

  • Added cmake options to exclude rdiff target and compression from build.
    See install documentation for details. Thanks to Michele Bertasi.

  • popt is only needed when rdiff is being built. (gulikoza)

  • Improved large file support for platforms using different variants
    of fseek (fseeko, fseeko64, _fseeki64), fstat (fstat64,
    _fstati64), and fileno (_fileno). (dbaarda, charlievieth,
    gulikoza, marius-nicolae)

  • rdiff -s option now shows bytes read/written and speed. (gulikoza).
    For delta operations it also shows hashtable match statistics. (dbaarda)

  • Running rdiff should not overwrite existing files (signatures, deltas and
    new patched files) by default. If the destination file exists, rdiff will
    now exit with an error. Add new option -f (--force) to overwrite existing
    files. (gulikoza)

  • Improve signature memory allocation (doubling size instead of calling
    realloc for every sig block) and added support for preallocation. See job->estimated_signature_count for usage when using the
    library. rdiff uses this by default if possible. (gulikoza, dbaarda)

  • Significantly tidied signature handling code and testing, resulting in more
    consistent error handling behaviour, and making it easier to plug in
    alternative weak and strong sum implementations. Also fixed "slack delta"
    support for delta calculation with no signature. (dbaarda)

  • stdint.h and inttypes.h from C99 is now required. Removed redundant
    librsync-config.h header file. (dbaarda)

  • Lots of small fixes for windows platforms and building with MSVC.
    (lasalvavida, mbrt, dbaarda)

  • New open addressing hashtable implementation that significantly speeds up
    delta operations, particularly for large files. Also fixed degenerate
    behaviour with large number of duplicate blocks like runs of zeros
    in sparse files. (dbaarda)

  • Optional support with cmake option for using libb2 blake2 implementation.
    Also updated included reference blake2 implementation with bug fixes

  • Improved default values for input and output buffer sizes. The defaults are
    now --input-size=0 and --output-size=0, which will choose recommended
    default sizes based on the --block-size and the operation being performed.

  • Fixed hanging for truncated input files. It will now correctly report an
    error indicating an unexpected EOF was encountered. (dbaarda,

  • Fixed #13 so that faster slack delta's are used for signatures of
    empty files. (dbaarda,

  • Fixed #33 so rs_job_iter() doesn't need calling twice with eof=1.
    Also tidied and optimized it a bit. (dbaarda,

  • Fixed #55 remove excessive rs_fatal() calls, replacing checks for
    programming errors with assert statements. Now rs_fatal() will only
    be called for rare unrecoverable fatal errors like malloc failures or
    impossibly large inputs. (dbaarda,

Known Issues

  • The rpm and debian package configs are very out of date.
Assets 2

@sourcefrog sourcefrog released this Nov 29, 2015 · 434 commits to master since this release

Note: despite the major version bump, this release has few changes and should be binary and API compatible with the previous version.

  • Bump librsync version number to 2.0, to match the library
    soname/dylib version.
    (Martin Pool, #48)
Assets 2

@sourcefrog sourcefrog released this Nov 21, 2015 · 436 commits to master since this release

librsync 1.0.1 (2015-11-21)

  • Better performance on large files. (VictorDenisov)

  • Add comment on usage of rs_build_hash_table(), and assert correct use.
    Callers must call rs_build_hash_table() after loading the signature,
    and before calling rs_delta_begin().
    Thanks to Paul Harris

  • Switch from autoconf to CMake.

    Thanks to Adam Schubert.

Assets 2

@sourcefrog sourcefrog released this Jan 23, 2015 · 517 commits to master since this release

Changes in librsync 1.0.0 (2015-01-23)

  • SECURITY: CVE-2014-8242: librsync previously used a truncated MD4
    "strong" check sum to match blocks. However, MD4 is not cryptographically
    strong. It's possible that an attacker who can control the contents of one
    part of a file could use it to control other regions of the file, if it's
    transferred using librsync/rdiff. For example this might occur in a
    database, mailbox, or VM image containing some attacker-controlled data.

    To mitigate this issue, signatures will by default be computed with a
    256-bit BLAKE2 hash. Old versions of librsync will complain about a
    bad magic number when given these signature files.

    Backward compatibility can be obtained using the new
    rdiff sig --hash=md4
    option or through specifying the "signature magic" in the API, but
    this should not be used when either the old or new file contain
    untrusted data.

    Deltas generated from those signatures will also use BLAKE2 during
    generation, but produce output that can be read by old versions.

    See #5

    Thanks to Michael Samuel <> for reporting this and offering an
    initial patch.

  • Various build fixes, thanks Timothy Gu.

  • Improved rdiff man page from Debian.

  • Improved librsync.spec file for building RPMs.

  • Fixed bug #1110812 'internal error: job made no progress'; on large

  • Moved hosting to

  • integration test at

  • Remove bundled copy of popt; it must be installed separately.

  • You can set $LIBTOOLIZE before running, for example on
    OS X Homebrew where it is called glibtoolize.

Assets 2
You can’t perform that action at this time.