mirror of
https://sourceware.org/git/glibc.git
synced 2024-12-23 19:30:10 +00:00
abb66a672f
The current tftp structure does not work when fortification is enabled. Starting with gcc-4.5, more size checking was added to trigger these. Older versions just didn't have enough information, so they returned -1 as the sizes. First, the tu_stuff field is declared as 1 byte (when it's really an arbitrary length C string), so attempting to strcpy() with it results in crashes. This fails with _FORTIFY_SOURCE=1. Second, even if we change that to [0] (since gcc does not allow flexible array members in an union), gcc is not smart enough to see that they are two overlapping flexible arrays (tu_stuff and tu_data), so it will still trigger an abort with _FORTIFY_SOURCE=2. This is because it thinks that tu_stuff is 0 bytes and tu_data comes after it. Talking to upstream gcc, they don't seem terribly inclined to fix the 2nd issue, but even if they did, we still have plenty of 4.5 and 4.6 installs that would hit problems. So, let's re-order with a few more anonymous structs & unions so that the fields are laid out with a zero-length array always as the last field. This seems to fix things with gcc-4.6, and the tftp-hpa pkg continues to build & work. URL: https://bugs.launchpad.net/ubuntu/+source/tftp-hpa/+bug/691345 URL: https://bugs.archlinux.org/task/28103 URL: https://bugs.gentoo.org/357083 URL: http://gcc.gnu.org/PR52944 Signed-off-by: Mike Frysinger <vapier@gentoo.org>
83 lines
3.0 KiB
C
83 lines
3.0 KiB
C
/*
|
|
* Copyright (c) 1983, 1993
|
|
* The Regents of the University of California. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 4. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*
|
|
* @(#)tftp.h 8.1 (Berkeley) 6/2/93
|
|
*/
|
|
|
|
#ifndef _ARPA_TFTP_H
|
|
#define _ARPA_TFTP_H 1
|
|
|
|
/*
|
|
* Trivial File Transfer Protocol (IEN-133)
|
|
*/
|
|
#define SEGSIZE 512 /* data segment size */
|
|
|
|
/*
|
|
* Packet types.
|
|
*/
|
|
#define RRQ 01 /* read request */
|
|
#define WRQ 02 /* write request */
|
|
#define DATA 03 /* data packet */
|
|
#define ACK 04 /* acknowledgement */
|
|
#define ERROR 05 /* error code */
|
|
|
|
struct tftphdr {
|
|
short th_opcode; /* packet type */
|
|
union {
|
|
char tu_padding[3]; /* sizeof() compat */
|
|
struct {
|
|
union {
|
|
unsigned short tu_block; /* block # */
|
|
short tu_code; /* error code */
|
|
} __attribute__ ((__packed__)) th_u3;
|
|
char tu_data[0]; /* data or error string */
|
|
} __attribute__ ((__packed__)) th_u2;
|
|
char tu_stuff[0]; /* request packet stuff */
|
|
} __attribute__ ((__packed__)) th_u1;
|
|
} __attribute__ ((__packed__));
|
|
|
|
#define th_block th_u1.th_u2.th_u3.tu_block
|
|
#define th_code th_u1.th_u2.th_u3.tu_code
|
|
#define th_stuff th_u1.tu_stuff
|
|
#define th_data th_u1.th_u2.tu_data
|
|
#define th_msg th_u1.th_u2.tu_data
|
|
|
|
/*
|
|
* Error codes.
|
|
*/
|
|
#define EUNDEF 0 /* not defined */
|
|
#define ENOTFOUND 1 /* file not found */
|
|
#define EACCESS 2 /* access violation */
|
|
#define ENOSPACE 3 /* disk full or allocation exceeded */
|
|
#define EBADOP 4 /* illegal TFTP operation */
|
|
#define EBADID 5 /* unknown transfer ID */
|
|
#define EEXISTS 6 /* file already exists */
|
|
#define ENOUSER 7 /* no such user */
|
|
|
|
#endif /* arpa/tftp.h */
|