[Qemu-devel] [PATCH 22/41] slirp: tftp: Refactor tftp_handle

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 22/41] slirp: tftp: Refactor tftp_handle_rrq

From:	Jan Kiszka
Subject:	[Qemu-devel] [PATCH 22/41] slirp: tftp: Refactor tftp_handle_rrq
Date:	Wed, 24 Jun 2009 14:42:30 +0200
User-agent:	StGIT/0.14.3

Specifically make the filename extraction more readable, and always
report errors back to the client.

Signed-off-by: Jan Kiszka <address@hidden>
---

 slirp/tftp.c |   49 +++++++++++++++++++++----------------------------
 1 files changed, 21 insertions(+), 28 deletions(-)

diff --git a/slirp/tftp.c b/slirp/tftp.c
index 75aa4b2..8351908 100644
--- a/slirp/tftp.c
+++ b/slirp/tftp.c
@@ -27,7 +27,7 @@
 
 struct tftp_session {
     int in_use;
-    unsigned char filename[TFTP_FILENAME_MAX];
+    char filename[TFTP_FILENAME_MAX];
 
     struct in_addr client_ip;
     u_int16_t client_port;
@@ -273,8 +273,8 @@ static int tftp_send_data(struct tftp_session *spt,
 static void tftp_handle_rrq(struct tftp_t *tp, int pktlen)
 {
   struct tftp_session *spt;
-  int s, k, n;
-  u_int8_t *src, *dst;
+  int s, k;
+  char *req_fname;
 
   s = tftp_session_allocate(tp);
 
@@ -290,37 +290,31 @@ static void tftp_handle_rrq(struct tftp_t *tp, int pktlen)
       return;
   }
 
-  src = tp->x.tp_buf;
-  dst = spt->filename;
-  n = pktlen - ((uint8_t *)&tp->x.tp_buf[0] - (uint8_t *)tp);
+  /* skip header fields */
+  k = 0;
+  pktlen -= ((uint8_t *)&tp->x.tp_buf[0] - (uint8_t *)tp);
 
   /* get name */
+  req_fname = spt->filename;
 
-  for (k = 0; k < n; k++) {
-    if (k < TFTP_FILENAME_MAX) {
-      dst[k] = src[k];
-    }
-    else {
+  while (1) {
+    if (k >= TFTP_FILENAME_MAX || k >= pktlen) {
+      tftp_send_error(spt, 2, "Access violation", tp);
       return;
     }
-
-    if (src[k] == '\0') {
+    req_fname[k] = (char)tp->x.tp_buf[k];
+    if (req_fname[k++] == '\0') {
       break;
     }
   }
 
-  if (k >= n) {
-    return;
-  }
-
-  k++;
-
   /* check mode */
-  if ((n - k) < 6) {
+  if ((pktlen - k) < 6) {
+    tftp_send_error(spt, 2, "Access violation", tp);
     return;
   }
 
-  if (memcmp(&src[k], "octet\0", 6) != 0) {
+  if (memcmp(&tp->x.tp_buf[k], "octet\0", 6) != 0) {
       tftp_send_error(spt, 4, "Unsupported transfer mode", tp);
       return;
   }
@@ -337,29 +331,28 @@ static void tftp_handle_rrq(struct tftp_t *tp, int pktlen)
   }
 
   /* check if the file exists */
-
-  if (tftp_read_data(spt, 0, spt->filename, 0) < 0) {
+  if (tftp_read_data(spt, 0, NULL, 0) < 0) {
       tftp_send_error(spt, 1, "File not found", tp);
       return;
   }
 
-  if (src[n - 1] != 0) {
+  if (tp->x.tp_buf[pktlen - 1] != 0) {
       tftp_send_error(spt, 2, "Access violation", tp);
       return;
   }
 
-  while (k < n) {
+  while (k < pktlen) {
       const char *key, *value;
 
-      key = (char *)src + k;
+      key = (const char *)&tp->x.tp_buf[k];
       k += strlen(key) + 1;
 
-      if (k >= n) {
+      if (k >= pktlen) {
          tftp_send_error(spt, 2, "Access violation", tp);
          return;
       }
 
-      value = (char *)src + k;
+      value = (const char *)&tp->x.tp_buf[k];
       k += strlen(value) + 1;
 
       if (strcmp(key, "tsize") == 0) {

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 33/41] slirp: Allocate/free stack instance dynamically, (continued)
- [Qemu-devel] [PATCH 33/41] slirp: Allocate/free stack instance dynamically, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 31/41] slirp: Factor out internal state structure, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 34/41] slirp: Enable multiple instances, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 41/41] slirp: Basic VLAN client info_str, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 39/41] net: Provide VLAN client lookup helper, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 40/41] slirp: Make hostfwd_add/remove multi-instance-aware, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 37/41] slirp: Improve error handling in slirp_smb, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 38/41] slirp: Enable multi-instance support for the smb service, Jan Kiszka, 2009/06/24
- [Qemu-devel] Re: [PATCH 00/41] Slirp Fixes and Enhancements - Reloaded, Anthony Liguori, 2009/06/24
- [Qemu-devel] [PATCH 30/41] slirp: Drop link_up checks from if_output and slirp_socket_can_recv, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 22/41] slirp: tftp: Refactor tftp_handle_rrq, Jan Kiszka <=
- [Qemu-devel] [PATCH 05/41] slirp: Move smb, redir, tftp and bootp parameters and -net channel, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 16/41] slirp: Drop dead code, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 14/41] slirp: Mark sockets of incoming TCP connections, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 04/41] Introduce get_next_param_value, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 18/41] slirp: Cleanup and basic reanimation of debug code, Jan Kiszka, 2009/06/24
- [Qemu-devel] [PATCH 06/41] slirp: Rework internal configuration, Jan Kiszka, 2009/06/24

Prev by Date: [Qemu-devel] [PATCH 30/41] slirp: Drop link_up checks from if_output and slirp_socket_can_recv
Next by Date: [Qemu-devel] [PATCH 05/41] slirp: Move smb, redir, tftp and bootp parameters and -net channel
Previous by thread: [Qemu-devel] [PATCH 30/41] slirp: Drop link_up checks from if_output and slirp_socket_can_recv
Next by thread: [Qemu-devel] [PATCH 05/41] slirp: Move smb, redir, tftp and bootp parameters and -net channel
Index(es):
- Date
- Thread