Date: Sat, 10 Mar 2018 01:43:55 +0000 (UTC) From: Alan Somers <asomers@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r330719 - in head/libexec/tftpd: . tests Message-ID: <201803100143.w2A1htCx059013@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: asomers Date: Sat Mar 10 01:43:55 2018 New Revision: 330719 URL: https://svnweb.freebsd.org/changeset/base/330719 Log: tftpd: Abort on an WRQ access violation On a WRQ (write request) tftpd checks whether the client has access permission for the file in question. If not, then the write is prevented. However, tftpd doesn't reply with an ERROR packet, nor does it abort. Instead, it tries to receive the packet anyway. The symptom is slightly different depending on the nature of the error. If the target file is nonexistent and tftpd lacks permission to create it, then tftpd will willingly receive the file, but not write it anywhere. If the file exists but is not writable, then tftpd will fail to ACK to WRQ. PR: 225996 MFC after: 3 weeks Modified: head/libexec/tftpd/tests/functional.c head/libexec/tftpd/tftpd.c Modified: head/libexec/tftpd/tests/functional.c ============================================================================== --- head/libexec/tftpd/tests/functional.c Sat Mar 10 01:35:26 2018 (r330718) +++ head/libexec/tftpd/tests/functional.c Sat Mar 10 01:43:55 2018 (r330719) @@ -817,8 +817,6 @@ TFTPD_TC_DEFINE(wrq_eaccess,) close(fd); SEND_WRQ("empty.txt", "octet"); - atf_tc_expect_fail("PR 225996 tftpd doesn't abort on a WRQ access " - "violation"); RECV_ERROR(2, "Access violation"); } @@ -835,8 +833,6 @@ TFTPD_TC_DEFINE(wrq_eaccess_world_readable,) close(fd); SEND_WRQ("empty.txt", "octet"); - atf_tc_expect_fail("PR 225996 tftpd doesn't abort on a WRQ access " - "violation"); RECV_ERROR(2, "Access violation"); } @@ -911,8 +907,6 @@ TFTPD_TC_DEFINE(wrq_netascii,) TFTPD_TC_DEFINE(wrq_nonexistent,) { SEND_WRQ("nonexistent.txt", "octet"); - atf_tc_expect_fail("PR 225996 tftpd doesn't abort on a WRQ access " - "violation"); RECV_ERROR(1, "File not found"); } Modified: head/libexec/tftpd/tftpd.c ============================================================================== --- head/libexec/tftpd/tftpd.c Sat Mar 10 01:35:26 2018 (r330718) +++ head/libexec/tftpd/tftpd.c Sat Mar 10 01:43:55 2018 (r330719) @@ -545,6 +545,10 @@ tftp_wrq(int peer, char *recvbuffer, ssize_t size) filename, errtomsg(ecode)); } + if (ecode) { + send_error(peer, ecode); + exit(1); + } tftp_recvfile(peer, mode); exit(0); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201803100143.w2A1htCx059013>