mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-07 00:50:50 +00:00
tftpd: Immediately reject any request shorter than 4 bytes.
MFC after: 1 week Sponsored by: Klara, Inc. Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D44957
This commit is contained in:
parent
83a6e984ac
commit
9f231af307
|
@ -1219,6 +1219,22 @@ TFTPD_TC_DEFINE(wrq_window_rfc7440,)
|
|||
require_bufeq(contents, sizeof(contents), buffer, (size_t)r);
|
||||
}
|
||||
|
||||
/*
|
||||
* Send less than four bytes
|
||||
*/
|
||||
TFTPD_TC_DEFINE(short_packet1, /* no head */, exitcode = 1)
|
||||
{
|
||||
SEND_STR("\1");
|
||||
}
|
||||
TFTPD_TC_DEFINE(short_packet2, /* no head */, exitcode = 1)
|
||||
{
|
||||
SEND_STR("\1\2");
|
||||
}
|
||||
TFTPD_TC_DEFINE(short_packet3, /* no head */, exitcode = 1)
|
||||
{
|
||||
SEND_STR("\1\2\3");
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* Main
|
||||
|
@ -1256,6 +1272,9 @@ ATF_TP_ADD_TCS(tp)
|
|||
TFTPD_TC_ADD(tp, wrq_small);
|
||||
TFTPD_TC_ADD(tp, wrq_truncate);
|
||||
TFTPD_TC_ADD(tp, wrq_window_rfc7440);
|
||||
TFTPD_TC_ADD(tp, short_packet1);
|
||||
TFTPD_TC_ADD(tp, short_packet2);
|
||||
TFTPD_TC_ADD(tp, short_packet3);
|
||||
|
||||
return (atf_no_error());
|
||||
}
|
||||
|
|
|
@ -228,6 +228,11 @@ main(int argc, char *argv[])
|
|||
}
|
||||
getnameinfo((struct sockaddr *)&peer_sock, peer_sock.ss_len,
|
||||
peername, sizeof(peername), NULL, 0, NI_NUMERICHOST);
|
||||
if ((size_t)n < 4 /* tftphdr */) {
|
||||
tftp_log(LOG_ERR, "Rejecting %zd-byte request from %s",
|
||||
n, peername);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
/*
|
||||
* Now that we have read the message out of the UDP
|
||||
|
|
Loading…
Reference in a new issue