forked from pool/atftp
Pedro Monreal Gonzalez
222c2ec04b
- Removed old initscript conditionals and atftpd.init file
- Update to version 0.7.2 [bsc#1133114, CVE-2019-11365][bsc#1133145, CVE-2019-11366]
* atftpd.c: Fixed a potential DoS bug (introduced by the IPv6 patch)
* Fix Debian Bug deb#613582 and deb#258998 atftpd: does not reply properly when there's more than 1 interface
* Fix Debian Bug deb#622840 atftpd: Forgets port if both --port and --bind-address are used
* Fix Debian Bug deb#606969 atftp exits with no error after a get when disk is full
* Fix Debian Bug deb#575831 atftp: error return value when tftp put file
* Fix missing default port from Ubuntu bug lp#972834
* Merged patches to improve debugging and warning messages
* Merged patch from Gentoo distribution:
add support for proprietary password extension necessary for
transferring files to linksys routers (atftp client)
* Added patch from Gentoo bug #322601: client fails for filenames containing spaces
* Listening Address configuration fixed
* Added Patch "Blksize option can be smaller than SEGSIZE"
* Fix Debian Bug deb#609813 Apply patch listen on requested port when in daemon mode.
* Fix Debian Bug deb#598474 Fixed use of sendto() over a connected datagram socket on FreeBSD
* Fix Debian Bug deb#580473 Apply IPv6 support patch by Ben Hutchings.
Add AC_GNU_SOURCE to configure.ac to address FTBFS.
* Fix Debian Bug deb#536295 Updated config.sub .guess.
* Fix Debian Bug deb#535604 Make sure we have the --daemon option before starting atftpd
* Fix Debian Bug deb#514521 Crash fix
* Fix Debian Bug deb#484739 Added support for logging to stdout.
* Fix Debian Bug deb#484932 inetd.conf: change udp to udp4
* Fix Debian Bug deb#436310 Fixed the FTBFS.
* Fix Debian Bug deb#420900 Use CLOCKS_PER_SEC instead of CLK_TCK. Fixed a FTBFS.
* Fix Debian Bug deb#271816 Random segfaults fixed
* Fix Debian Bug deb#291829 Segfault fixed on AMD64.
* Fix Debian Bug deb#290062 Copyright fixed.
OBS-URL: https://build.opensuse.org/request/show/698118
OBS-URL: https://build.opensuse.org/package/show/network/atftp?expand=0&rev=38
103 lines
4.0 KiB
Diff
103 lines
4.0 KiB
Diff
Index: tftpd_file.c
|
|
===================================================================
|
|
--- tftpd_file.c.orig
|
|
+++ tftpd_file.c
|
|
@@ -115,7 +115,7 @@ int tftpd_receive_file(struct thread_dat
|
|
struct sockaddr_storage from;
|
|
char addr_str[SOCKADDR_PRINT_ADDR_LEN];
|
|
struct tftphdr *tftphdr = (struct tftphdr *)data->data_buffer;
|
|
- FILE *fp;
|
|
+ FILE *fp = NULL;
|
|
char filename[MAXLEN];
|
|
char string[MAXLEN];
|
|
int timeout = data->timeout;
|
|
@@ -145,18 +145,6 @@ int tftpd_receive_file(struct thread_dat
|
|
return ERR;
|
|
}
|
|
|
|
- /* Open the file for writing. */
|
|
- if ((fp = fopen(filename, "w")) == NULL)
|
|
- {
|
|
- /* Can't create the file. */
|
|
- logger(LOG_INFO, "Can't open %s for writing", filename);
|
|
- tftp_send_error(sockfd, sa, EACCESS, data->data_buffer, data->data_buffer_size);
|
|
- if (data->trace)
|
|
- logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EACCESS,
|
|
- tftp_errmsg[EACCESS]);
|
|
- return ERR;
|
|
- }
|
|
-
|
|
/* tsize option */
|
|
if (((result = opt_get_tsize(data->tftp_options)) > -1) && !convert)
|
|
{
|
|
@@ -173,7 +161,6 @@ int tftpd_receive_file(struct thread_dat
|
|
if (data->trace)
|
|
logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EOPTNEG,
|
|
tftp_errmsg[EOPTNEG]);
|
|
- fclose(fp);
|
|
return ERR;
|
|
}
|
|
timeout = result;
|
|
@@ -190,7 +177,6 @@ int tftpd_receive_file(struct thread_dat
|
|
if (data->trace)
|
|
logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EOPTNEG,
|
|
tftp_errmsg[EOPTNEG]);
|
|
- fclose(fp);
|
|
return ERR;
|
|
}
|
|
|
|
@@ -200,7 +186,6 @@ int tftpd_receive_file(struct thread_dat
|
|
if (data->data_buffer == NULL)
|
|
{
|
|
logger(LOG_ERR, "memory allocation failure");
|
|
- fclose(fp);
|
|
return ERR;
|
|
}
|
|
tftphdr = (struct tftphdr *)data->data_buffer;
|
|
@@ -211,7 +196,6 @@ int tftpd_receive_file(struct thread_dat
|
|
if (data->trace)
|
|
logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", ENOSPACE,
|
|
tftp_errmsg[ENOSPACE]);
|
|
- fclose(fp);
|
|
return ERR;
|
|
}
|
|
opt_set_blksize(result, data->tftp_options);
|
|
@@ -346,6 +330,20 @@ int tftpd_receive_file(struct thread_dat
|
|
}
|
|
break;
|
|
case S_DATA_RECEIVED:
|
|
+ if (fp == NULL) {
|
|
+ /* Open the file for writing. */
|
|
+ if ((fp = fopen(filename, "w")) == NULL)
|
|
+ {
|
|
+ /* Can't create the file. */
|
|
+ logger(LOG_INFO, "Can't open %s for writing", filename);
|
|
+ tftp_send_error(sockfd, sa, EACCESS, data->data_buffer, data->data_buffer_size);
|
|
+ if (data->trace)
|
|
+ logger(LOG_DEBUG, "sent ERROR <code: %d, msg: %s>", EACCESS,
|
|
+ tftp_errmsg[EACCESS]);
|
|
+ return ERR;
|
|
+ }
|
|
+ }
|
|
+
|
|
/* We need to seek to the right place in the file */
|
|
block_number = tftp_rollover_blocknumber(
|
|
ntohs(tftphdr->th_block), prev_block_number, 0);
|
|
@@ -374,13 +372,13 @@ int tftpd_receive_file(struct thread_dat
|
|
state = S_SEND_ACK;
|
|
break;
|
|
case S_END:
|
|
- fclose(fp);
|
|
+ if (fp != NULL) fclose(fp);
|
|
return OK;
|
|
case S_ABORT:
|
|
- fclose(fp);
|
|
+ if (fp != NULL) fclose(fp);
|
|
return ERR;
|
|
default:
|
|
- fclose(fp);
|
|
+ if (fp != NULL) fclose(fp);
|
|
logger(LOG_ERR, "%s: %d: tftpd_file.c: huh?",
|
|
__FILE__, __LINE__);
|
|
return ERR;
|