Don't accept any blksize
authorJoseph C. Lehner <joseph.c.lehner@gmail.com>
Tue, 10 Jan 2017 19:16:09 +0000 (20:16 +0100)
committerJoseph C. Lehner <joseph.c.lehner@gmail.com>
Thu, 12 Jan 2017 16:08:43 +0000 (17:08 +0100)
tftp.c

diff --git a/tftp.c b/tftp.c
index f5ad35a75c996c7bf8c6d61e7bd69e614fae9d22..a11023841480dcdff3a5a233dad51847828dd013 100644 (file)
--- a/tftp.c
+++ b/tftp.c
@@ -30,7 +30,7 @@
 #define O_BINARY 0
 #endif
 
-#define TFTP_PKT_SIZE 516
+#define TFTP_BLKSIZE 1456
 
 static const char *opcode_names[] = {
        "RRQ", "WRQ", "DATA", "ACK", "ERR", "OACK"
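Review bot: `TFTP_BLKSIZE` now also serves as the upper bound for the block size accepted from the server, but the define carries no comment saying what must be sized from it. The removed `TFTP_PKT_SIZE` (516) was a whole-packet size, 512 data bytes plus the 4-byte header, whereas the new constant is payload only. The packet buffer declarations are not visible in this diff, so it is worth confirming that rx/tx hold at least `TFTP_BLKSIZE + 4` bytes. I would record that at the define, e.g. `/* largest blksize requested and accepted; packet buffers need TFTP_BLKSIZE + 4 bytes */`.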
@@ -374,7 +374,7 @@ int tftp_put(struct nmrpd_args *args)
        /* Not really, but this way the loop sends our WRQ before receiving */
        timeout = 1;
 
-       pkt_mkwrq(tx, file_remote, 1456);
+       pkt_mkwrq(tx, file_remote, TFTP_BLKSIZE);
 
        while (!g_interrupted) {
                ackblock = -1;
@@ -387,7 +387,7 @@ int tftp_put(struct nmrpd_args *args)
                                ackblock = 0;
                                if ((val = pkt_optval(rx, "blksize"))) {
                                        blksize = strtol(val, &end, 10);
-                                       if (!blksize || (*end != '\0')) {
+                                       if (*end != '\0' || blksize < 8 || blksize > TFTP_BLKSIZE) {
                                                fprintf(stderr, "Error: invalid blksize in OACK: %s\n", val);
                                                ret = -1;
                                                goto cleanup;
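Review bot: The range check on the added line runs after the `long` result of `strtol()` has already been stored in `blksize`, whose declaration is outside this hunk. If `blksize` is narrower than `long`, an oversized value in the OACK is converted first and may land inside 8..TFTP_BLKSIZE, so a malformed option would be accepted; the value used afterwards is still in range, so this is about strictness rather than buffer safety. Parsing into a `long` and checking it before assigning avoids the question, e.g. `long v = strtol(val, &end, 10);` followed by `if (*end != '\0' || v < 8 || v > TFTP_BLKSIZE)`. The bare `8` is the RFC 2348 minimum and would read better as a named constant or with a short comment. The body of tftp_put continues outside the hunk.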