[U-Boot-Users] [PATCH] tftp: don't implicity trust the format of recevied packets
Wolfgang Denk
wd at denx.de
Thu Aug 30 09:18:04 CEST 2007
In message <20070830002624.4040.18733.stgit at trillian.cg.shawcable.net> you wrote:
> From: Grant Likely <grant.likely at secretlab.ca>
>
> The TFTP OACK code trusts that the incoming packet is formated as ASCII
> text and can be processed by string functions. It also as a loop limit
> overflow bug where if the packet length is less than 8, it ends up
> looping over *all* of memory to find the 'blksize' string.
>
> This patch solves the problem by forcing the packet to be null
> terminated and using strstr() to search for the sub string.
>
> Signed-off-by: Grant Likely <grant.likely at secretlab.ca>
Thanks a lot. Applied.
Best regards,
Wolfgang Denk
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd at denx.de
Life is a game. Money is how we keep score. - Ted Turner
More information about the U-Boot
mailing list