Cap the maximum SFTP write value to 32768 bytes
Resolves: RHEL-5485 Signed-off-by: Sahana Prasad <sahana@redhat.com>
This commit is contained in:
parent
57094428a4
commit
0e94b4d5ee
@ -1,6 +1,6 @@
|
|||||||
Name: libssh
|
Name: libssh
|
||||||
Version: 0.9.6
|
Version: 0.9.6
|
||||||
Release: 12%{?dist}
|
Release: 13%{?dist}
|
||||||
Summary: A library implementing the SSH protocol
|
Summary: A library implementing the SSH protocol
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
URL: http://www.libssh.org
|
URL: http://www.libssh.org
|
||||||
@ -17,6 +17,7 @@ Patch2: null_dereference_rekey.patch
|
|||||||
Patch3: auth_bypass.patch
|
Patch3: auth_bypass.patch
|
||||||
Patch4: fix_tests.patch
|
Patch4: fix_tests.patch
|
||||||
Patch5: covscan23.patch
|
Patch5: covscan23.patch
|
||||||
|
Patch6: sftp_write_cap.patch
|
||||||
|
|
||||||
BuildRequires: cmake
|
BuildRequires: cmake
|
||||||
BuildRequires: doxygen
|
BuildRequires: doxygen
|
||||||
@ -145,6 +146,10 @@ popd
|
|||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Sep 20 2023 Sahana Prasad <sahana@redhat.com> - 0.9.6-13
|
||||||
|
- Cap the maximum SFTP write value to 32768 bytes
|
||||||
|
- Resolves: RHEL-5485
|
||||||
|
|
||||||
* Mon May 15 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-12
|
* Mon May 15 2023 Norbert Pocs <npocs@redhat.com> - 0.9.6-12
|
||||||
- Fix loglevel regression
|
- Fix loglevel regression
|
||||||
- Related: rhbz#2182251, rhbz#2189742
|
- Related: rhbz#2182251, rhbz#2189742
|
||||||
|
34
sftp_write_cap.patch
Normal file
34
sftp_write_cap.patch
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
diff -up libssh-0.10.4/include/libssh/sftp.h-cap libssh-0.10.4/include/libssh/sftp.h
|
||||||
|
--- libssh-0.10.4/include/libssh/sftp.h-cap 2023-09-19 11:28:41.304353437 +0200
|
||||||
|
+++ libssh-0.10.4/include/libssh/sftp.h 2023-09-19 11:34:20.828666252 +0200
|
||||||
|
@@ -550,6 +550,10 @@ LIBSSH_API int sftp_async_read(sftp_file
|
||||||
|
/**
|
||||||
|
* @brief Write to a file using an opened sftp file handle.
|
||||||
|
*
|
||||||
|
+ * The maximum size of the SFTP packet payload is 32768 bytes so the count
|
||||||
|
+ * parameter is capped at this value. This is low-level function so it does not
|
||||||
|
+ * try to send more than this amount of data.
|
||||||
|
+ *
|
||||||
|
* @param file Open sftp file handle to write to.
|
||||||
|
*
|
||||||
|
* @param buf Pointer to buffer to write data.
|
||||||
|
diff -up libssh-0.10.4/src/sftp.c-cap libssh-0.10.4/src/sftp.c
|
||||||
|
--- libssh-0.10.4/src/sftp.c-cap 2023-09-19 11:29:02.897569013 +0200
|
||||||
|
+++ libssh-0.10.4/src/sftp.c 2023-09-19 11:30:36.827506743 +0200
|
||||||
|
@@ -2179,6 +2179,16 @@ ssize_t sftp_write(sftp_file file, const
|
||||||
|
|
||||||
|
id = sftp_get_new_id(file->sftp);
|
||||||
|
|
||||||
|
+ /* limit the writes to the maximum specified in Section 3 of
|
||||||
|
+ * https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02
|
||||||
|
+ *
|
||||||
|
+ * FIXME: This value should be adjusted to the value from the
|
||||||
|
+ * limits@openssh.com extension if supported
|
||||||
|
+ * TODO: We should iterate over the blocks rather than writing less than
|
||||||
|
+ * requested to provide less surprises to the calling applications.
|
||||||
|
+ */
|
||||||
|
+ count = count > 32768 ? 32768 : count;
|
||||||
|
+
|
||||||
|
rc = ssh_buffer_pack(buffer,
|
||||||
|
"dSqdP",
|
||||||
|
id,
|
Loading…
Reference in New Issue
Block a user