tftpd: Abort on an WRQ access violation

On a WRQ (write request) tftpd checks whether the client has access
permission for the file in question.  If not, then the write is prevented.
However, tftpd doesn't reply with an ERROR packet, nor does it abort.
Instead, it tries to receive the packet anyway.

The symptom is slightly different depending on the nature of the error.  If
the target file is nonexistent and tftpd lacks permission to create it, then
tftpd will willingly receive the file, but not write it anywhere.  If the
file exists but is not writable, then tftpd will fail to ACK to WRQ.

PR:		225996
MFC after:	3 weeks
This commit is contained in:
asomers 2018-03-10 01:43:55 +00:00
parent 26f5519e21
commit c29c7eb33f
2 changed files with 4 additions and 6 deletions

View File

@ -817,8 +817,6 @@ TFTPD_TC_DEFINE(wrq_eaccess,)
close(fd); close(fd);
SEND_WRQ("empty.txt", "octet"); SEND_WRQ("empty.txt", "octet");
atf_tc_expect_fail("PR 225996 tftpd doesn't abort on a WRQ access "
"violation");
RECV_ERROR(2, "Access violation"); RECV_ERROR(2, "Access violation");
} }
@ -835,8 +833,6 @@ TFTPD_TC_DEFINE(wrq_eaccess_world_readable,)
close(fd); close(fd);
SEND_WRQ("empty.txt", "octet"); SEND_WRQ("empty.txt", "octet");
atf_tc_expect_fail("PR 225996 tftpd doesn't abort on a WRQ access "
"violation");
RECV_ERROR(2, "Access violation"); RECV_ERROR(2, "Access violation");
} }
@ -911,8 +907,6 @@ TFTPD_TC_DEFINE(wrq_netascii,)
TFTPD_TC_DEFINE(wrq_nonexistent,) TFTPD_TC_DEFINE(wrq_nonexistent,)
{ {
SEND_WRQ("nonexistent.txt", "octet"); SEND_WRQ("nonexistent.txt", "octet");
atf_tc_expect_fail("PR 225996 tftpd doesn't abort on a WRQ access "
"violation");
RECV_ERROR(1, "File not found"); RECV_ERROR(1, "File not found");
} }

View File

@ -545,6 +545,10 @@ tftp_wrq(int peer, char *recvbuffer, ssize_t size)
filename, errtomsg(ecode)); filename, errtomsg(ecode));
} }
if (ecode) {
send_error(peer, ecode);
exit(1);
}
tftp_recvfile(peer, mode); tftp_recvfile(peer, mode);
exit(0); exit(0);
} }