Date: Wed, 31 Jan 2001 00:20:24 +0100 From: Pascal Hofstee <daeron@shadowmere.student.utwente.nl> To: freebsd-current@freebsd.org Subject: Bug in tftpd ? Message-ID: <20010131002024.A77116@shadowmere.student.utwente.nl>
next in thread | raw e-mail | index | archive | help
Hi,
I think i just encountered a bug in FreeBSD's tftpd-implementation.
Actually it's a bug that i spotted a while back with a friend of mine in
NetBSD's implementation, but never really bothered with it since i don't
use tftpd myself, but i am in a position now where i need to with FreeBSD.
The bug only triggers when trying to fetch files bigger than 32 MB. On
NetBSD it happened around a 16 MB boundary ... (but i may have interpreted
blocksizes wrong).
The issue is located in a minor difference in tftpd's own "block" count
and <arpa/tftp.h> 's struct tftphdr 's "tu_block" type declaration
<arpa/tftp.h> defines the block count:
unsigned short tu_block; /* block # */
tftpd.c 's xmitfile and recvfile functions define the block count:
volatile int block;
What happens is kinda obvious .... after quite a lot of data has been sent
without any problems ... suddenly tftpd's block-counter starts wrapping
while <arpa/tftp.h>'s block counter does simply increase more.
This results in "TIMEOUT errors" as the block-sequence numbers simply won't
match any more.
If patches are required let me know ...
--
Pascal Hofstee < daeron @ shadowmere . student . utwente . nl >
begin LOVE-LETTER-FOR-YOU.TXT.vbs
I'm a signature virus. Please copy me and help me spread.
end
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010131002024.A77116>