From 86473c57a853a8b5449026659f14640bd2275dc1 Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@zip.com.au>
Date: Sun, 20 May 2007 14:59:32 +1000
Subject:    - stevesk@cvs.openbsd.org 2007/04/18 01:12:43      [sftp-server.c]
      cast "%llu" format spec to (unsigned long long); do not assume a     
 u_int64_t arg is the same as 'unsigned long long'.      from Dmitry V. Levin
 <ldv@altlinux.org>      ok markus@ 'Yes, that looks correct' millert@

---
 sftp-server.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'sftp-server.c')

diff --git a/sftp-server.c b/sftp-server.c
index 64777beff..d68584b52 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-server.c,v 1.71 2007/01/03 07:22:36 stevesk Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.72 2007/04/18 01:12:43 stevesk Exp $ */
 /*
  * Copyright (c) 2000-2004 Markus Friedl.  All rights reserved.
  *
@@ -319,7 +319,8 @@ handle_log_close(int handle, char *emsg)
 		logit("%s%sclose \"%s\" bytes read %llu written %llu",
 		    emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ",
 		    handle_to_name(handle),
-		    handle_bytes_read(handle), handle_bytes_write(handle));
+		    (unsigned long long)handle_bytes_read(handle),
+		    (unsigned long long)handle_bytes_write(handle));
 	} else {
 		logit("%s%sclosedir \"%s\"",
 		    emsg == NULL ? "" : emsg, emsg == NULL ? "" : " ",
@@ -702,7 +703,8 @@ process_setstat(void)
 	a = get_attrib();
 	debug("request %u: setstat name \"%s\"", id, name);
 	if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
-		logit("set \"%s\" size %llu", name, a->size);
+		logit("set \"%s\" size %llu",
+		    name, (unsigned long long)a->size);
 		ret = truncate(name, a->size);
 		if (ret == -1)
 			status = errno_to_portable(errno);
@@ -754,7 +756,8 @@ process_fsetstat(void)
 		char *name = handle_to_name(handle);
 
 		if (a->flags & SSH2_FILEXFER_ATTR_SIZE) {
-			logit("set \"%s\" size %llu", name, a->size);
+			logit("set \"%s\" size %llu",
+			    name, (unsigned long long)a->size);
 			ret = ftruncate(fd, a->size);
 			if (ret == -1)
 				status = errno_to_portable(errno);
-- 
cgit v1.2.3


From e9405983dc1cf9399e560e70f7c681ba62e09131 Mon Sep 17 00:00:00 2001
From: Darren Tucker <dtucker@zip.com.au>
Date: Sun, 20 May 2007 15:09:04 +1000
Subject:    - djm@cvs.openbsd.org 2007/05/17 07:55:29      [sftp-server.c]    
  bz#1286 stop reading and processing commands when input or output buffer    
  is nearly full, otherwise sftp-server would happily try to grow the     
 input/output buffers past the maximum supported by the buffer API and     
 promptly fatal()      based on patch from Thue Janus Kristensen; feedback &
 ok dtucker@

---
 ChangeLog     |  9 ++++++++-
 sftp-server.c | 25 +++++++++++++++++++------
 2 files changed, 27 insertions(+), 7 deletions(-)

(limited to 'sftp-server.c')

diff --git a/ChangeLog b/ChangeLog
index c189c7810..2bc077cf7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,6 +15,13 @@
    - djm@cvs.openbsd.org 2007/05/17 07:50:31
      [log.c]
      save and restore errno when logging; ok deraadt@
+   - djm@cvs.openbsd.org 2007/05/17 07:55:29
+     [sftp-server.c]
+     bz#1286 stop reading and processing commands when input or output buffer
+     is nearly full, otherwise sftp-server would happily try to grow the
+     input/output buffers past the maximum supported by the buffer API and
+     promptly fatal()
+     based on patch from Thue Janus Kristensen; feedback & ok dtucker@
 
 20070509
  - (tim) [configure.ac] Bug #1287: Add missing test for ucred.h.
@@ -2915,4 +2922,4 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.4664 2007/05/20 05:08:15 dtucker Exp $
+$Id: ChangeLog,v 1.4665 2007/05/20 05:09:04 dtucker Exp $
diff --git a/sftp-server.c b/sftp-server.c
index d68584b52..76edebc5a 100644
--- a/sftp-server.c
+++ b/sftp-server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sftp-server.c,v 1.72 2007/04/18 01:12:43 stevesk Exp $ */
+/* $OpenBSD: sftp-server.c,v 1.73 2007/05/17 07:55:29 djm Exp $ */
 /*
  * Copyright (c) 2000-2004 Markus Friedl.  All rights reserved.
  *
@@ -1214,7 +1214,7 @@ main(int argc, char **argv)
 	int in, out, max, ch, skipargs = 0, log_stderr = 0;
 	ssize_t len, olen, set_size;
 	SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;
-	char *cp;
+	char *cp, buf[4*4096];
 
 	extern char *optarg;
 	extern char *__progname;
@@ -1298,7 +1298,15 @@ main(int argc, char **argv)
 		memset(rset, 0, set_size);
 		memset(wset, 0, set_size);
 
-		FD_SET(in, rset);
+		/*
+		 * Ensure that we can read a full buffer and handle
+		 * the worst-case length packet it can generate,
+		 * otherwise apply backpressure by stopping reads.
+		 */
+		if (buffer_check_alloc(&iqueue, sizeof(buf)) &&
+		    buffer_check_alloc(&oqueue, SFTP_MAX_MSG_LENGTH))
+			FD_SET(in, rset);
+
 		olen = buffer_len(&oqueue);
 		if (olen > 0)
 			FD_SET(out, wset);
@@ -1312,7 +1320,6 @@ main(int argc, char **argv)
 
 		/* copy stdin to iqueue */
 		if (FD_ISSET(in, rset)) {
-			char buf[4*4096];
 			len = read(in, buf, sizeof buf);
 			if (len == 0) {
 				debug("read eof");
@@ -1334,7 +1341,13 @@ main(int argc, char **argv)
 				buffer_consume(&oqueue, len);
 			}
 		}
-		/* process requests from client */
-		process();
+
+		/*
+		 * Process requests from client if we can fit the results
+		 * into the output buffer, otherwise stop processing input
+		 * and let the output queue drain.
+		 */
+		if (buffer_check_alloc(&oqueue, SFTP_MAX_MSG_LENGTH))
+			process();
 	}
 }
-- 
cgit v1.2.3