D44957.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D44957.diff
View Options

	diff --git a/libexec/tftpd/tests/functional.c b/libexec/tftpd/tests/functional.c
	--- a/libexec/tftpd/tests/functional.c
	+++ b/libexec/tftpd/tests/functional.c
	@@ -1219,6 +1219,22 @@
	require_bufeq(contents, sizeof(contents), buffer, (size_t)r);
	}

	+/*
	+ * Send less than four bytes
	+ */
	+TFTPD_TC_DEFINE(short_packet1, /* no head */, exitcode = 1)
	+{
	+ SEND_STR("\1");
	+}
	+TFTPD_TC_DEFINE(short_packet2, /* no head */, exitcode = 1)
	+{
	+ SEND_STR("\1\2");
	+}
	+TFTPD_TC_DEFINE(short_packet3, /* no head */, exitcode = 1)
	+{
	+ SEND_STR("\1\2\3");
	+}
	+

	/*
	* Main
	@@ -1256,6 +1272,9 @@
	TFTPD_TC_ADD(tp, wrq_small);
	TFTPD_TC_ADD(tp, wrq_truncate);
	TFTPD_TC_ADD(tp, wrq_window_rfc7440);
	+ TFTPD_TC_ADD(tp, short_packet1);
	+ TFTPD_TC_ADD(tp, short_packet2);
	+ TFTPD_TC_ADD(tp, short_packet3);

	return (atf_no_error());
	}
	diff --git a/libexec/tftpd/tftpd.c b/libexec/tftpd/tftpd.c
	--- a/libexec/tftpd/tftpd.c
	+++ b/libexec/tftpd/tftpd.c
	@@ -228,6 +228,11 @@
	}
	getnameinfo((struct sockaddr *)&peer_sock, peer_sock.ss_len,
	peername, sizeof(peername), NULL, 0, NI_NUMERICHOST);
	+ if ((size_t)n < 4 /* tftphdr */) {
	+ tftp_log(LOG_ERR, "Rejecting %zd-byte request from %s",
	+ n, peername);
	+ exit(1);
	+ }

	/*
	* Now that we have read the message out of the UDP