mirror of
git://anongit.mindrot.org/openssh.git
synced 2025-04-01 22:58:53 +00:00
- markus@cvs.openbsd.org 2002/06/06 17:12:44
[sftp-server.c]
discard remaining bytes of current request; ok provos@
This commit is contained in:
Ben Lindstrom
parent
d9d6ab6372
commit
2c14047ada
@ -124,6 +124,9 @@
|
|||||||
- stevesk@cvs.openbsd.org 2002/06/06 01:09:41
|
- stevesk@cvs.openbsd.org 2002/06/06 01:09:41
|
||||||
[monitor.h]
|
[monitor.h]
|
||||||
no trailing comma in enum; china@thewrittenword.com
|
no trailing comma in enum; china@thewrittenword.com
|
||||||
|
- markus@cvs.openbsd.org 2002/06/06 17:12:44
|
||||||
|
[sftp-server.c]
|
||||||
|
discard remaining bytes of current request; ok provos@
|
||||||
|
|
||||||
20020604
|
20020604
|
||||||
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
|
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
|
||||||
@ -808,4 +811,4 @@
|
|||||||
- (stevesk) entropy.c: typo in debug message
|
- (stevesk) entropy.c: typo in debug message
|
||||||
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.2177 2002/06/06 21:57:01 mouring Exp $
|
$Id: ChangeLog,v 1.2178 2002/06/06 21:57:54 mouring Exp $
|
||||||
|
|||||||
@ -22,7 +22,7 @@
|
|||||||
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
*/
|
*/
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sftp-server.c,v 1.33 2002/02/13 00:28:13 markus Exp $");
|
RCSID("$OpenBSD: sftp-server.c,v 1.34 2002/06/06 17:12:44 markus Exp $");
|
||||||
|
|
||||||
#include "buffer.h"
|
#include "buffer.h"
|
||||||
#include "bufaux.h"
|
#include "bufaux.h"
|
||||||
@ -956,10 +956,13 @@ static void
|
|||||||
process(void)
|
process(void)
|
||||||
{
|
{
|
||||||
u_int msg_len;
|
u_int msg_len;
|
||||||
|
u_int buf_len;
|
||||||
|
u_int consumed;
|
||||||
u_int type;
|
u_int type;
|
||||||
u_char *cp;
|
u_char *cp;
|
||||||
|
|
||||||
if (buffer_len(&iqueue) < 5)
|
buf_len = buffer_len(&iqueue);
|
||||||
|
if (buf_len < 5)
|
||||||
return; /* Incomplete message. */
|
return; /* Incomplete message. */
|
||||||
cp = buffer_ptr(&iqueue);
|
cp = buffer_ptr(&iqueue);
|
||||||
msg_len = GET_32BIT(cp);
|
msg_len = GET_32BIT(cp);
|
||||||
@ -967,9 +970,10 @@ process(void)
|
|||||||
error("bad message ");
|
error("bad message ");
|
||||||
exit(11);
|
exit(11);
|
||||||
}
|
}
|
||||||
if (buffer_len(&iqueue) < msg_len + 4)
|
if (buf_len < msg_len + 4)
|
||||||
return;
|
return;
|
||||||
buffer_consume(&iqueue, 4);
|
buffer_consume(&iqueue, 4);
|
||||||
|
buf_len -= 4;
|
||||||
type = buffer_get_char(&iqueue);
|
type = buffer_get_char(&iqueue);
|
||||||
switch (type) {
|
switch (type) {
|
||||||
case SSH2_FXP_INIT:
|
case SSH2_FXP_INIT:
|
||||||
@ -1036,6 +1040,14 @@ process(void)
|
|||||||
error("Unknown message %d", type);
|
error("Unknown message %d", type);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
/* discard the remaining bytes from the current packet */
|
||||||
|
if (buf_len < buffer_len(&iqueue))
|
||||||
|
fatal("iqueue grows");
|
||||||
|
consumed = buf_len - buffer_len(&iqueue);
|
||||||
|
if (msg_len < consumed)
|
||||||
|
fatal("msg_len %d < consumed %d", msg_len, consumed);
|
||||||
|
if (msg_len > consumed)
|
||||||
|
buffer_consume(&iqueue, msg_len - consumed);
|
||||||
}
|
}
|
||||||
|
|
||||||
int
|
int
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user