author | Denys Vlasenko <vda.linux@googlemail.com> | 2014-09-03 18:35:38 +0200 |
---|---|---|
committer | Denys Vlasenko <vda.linux@googlemail.com> | 2014-09-03 18:35:38 +0200 |
commit | 67e01fecce5547a3d3d5695f52b375d224014b54 (patch) | |
tree | 885bcb9889dbc8221ac8ab7544913a96647efc15 | |
parent | f02c52bcdecc2f2859655e42f15365c0449b6ce3 (diff) | |
tftpd: support full 512-byte requests
Some HP PA-RISC firmware always sends fixed 512-byte requests,
with trailing garbage.
function old new delta
tftpd_main 578 572 -6
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r-- | networking/tftp.c | 16 |
1 files changed, 13 insertions, 3 deletions
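--- a/networking/tftp.c
+++ b/networking/tftp.c
@@ -119,6 +119,7 @@ struct globals {
 struct passwd *pw;
 /* used in tftpd_main(), a bit big for stack: */
 char block_buf[TFTP_BLKSIZE_DEFAULT];
+char block_buf_tail[1];
 #if ENABLE_FEATURE_TFTP_PROGRESS_BAR
 off_t pos;
 off_t size;
@@ -793,14 +794,16 @@ int tftpd_main(int argc UNUSED_PARAM, char **argv)
 xchroot(argv[0]);
 }
 
-result = recv_from_to(STDIN_FILENO, G.block_buf, sizeof(G.block_buf),
+result = recv_from_to(STDIN_FILENO,
+G.block_buf, sizeof(G.block_buf) + 1,
+/* ^^^ sizeof+1 to reliably detect oversized input */
 0 /* flags */,
 &peer_lsa->u.sa, &our_lsa->u.sa, our_lsa->len);
 
 error_msg = "malformed packet";
 opcode = ntohs(*(uint16_t*)G.block_buf);
-if (result < 4 || result >= sizeof(G.block_buf)
-|| G.block_buf[result-1] != '\0'
+if (result < 4 || result > sizeof(G.block_buf)
+/*|| G.block_buf[result-1] != '\0' - bug compatibility, see below */
 || (IF_FEATURE_TFTP_PUT(opcode != TFTP_RRQ) /* not download */
 IF_GETPUT(&&)
 IF_FEATURE_TFTP_GET(opcode != TFTP_WRQ) /* not upload */
@@ -808,6 +811,13 @@ int tftpd_main(int argc UNUSED_PARAM, char **argv)
 ) {
 goto err;
 }
+/* Some HP PA-RISC firmware always sends fixed 512-byte requests,
+ * with trailing garbage.
+ * Support that by not requiring NUL to be the last byte (see above).
+ * To make strXYZ() ops safe, force NUL termination:
+ */
+G.block_buf_tail[0] = '\0';
+
 local_file = G.block_buf + 2;
 if (local_file[0] == '.' || strstr(local_file, "/.")) {
 error_msg = "dot in file name";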
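Review bot: The forced terminator at new line 819 always lands on `G.block_buf_tail[0]`, not at the end of the received data. With the trailing-NUL check commented out, a request shorter than 512 bytes that carries no NUL is now accepted, and `strstr(local_file, "/.")` and any later string operations read whatever the buffer held beyond `result`. Unless the buffer is known to be zeroed at this point (not visible in these hunks), also terminate at the received length: `if (result < sizeof(G.block_buf)) G.block_buf[result] = '\0';`. Separately, both the `sizeof(G.block_buf) + 1` receive length and this terminator depend on `block_buf_tail` directly following `block_buf` in `struct globals`; a comment on that member such as `/* must immediately follow block_buf: recv is given sizeof(block_buf)+1 */` would keep a later field insertion from silently turning the extra byte into an overwrite of unrelated state. tftpd_main's body continues outside the hunk.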