X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=sftp.c;h=5685c79ea7a68c2b02945c54cef15721efc72a8a;hb=bda87b39e40ec4e75309cdf778dfc9cd339fdeeb;hp=a55262a7ced228b66bdcc732f848754a60657f95;hpb=d64907553943e368130fec2076536a2d8c1adc79;p=PuTTY.git diff --git a/sftp.c b/sftp.c index a55262a7..5685c79e 100644 --- a/sftp.c +++ b/sftp.c @@ -13,41 +13,30 @@ #include "tree234.h" #include "sftp.h" -#define GET_32BIT(cp) \ - (((unsigned long)(unsigned char)(cp)[0] << 24) | \ - ((unsigned long)(unsigned char)(cp)[1] << 16) | \ - ((unsigned long)(unsigned char)(cp)[2] << 8) | \ - ((unsigned long)(unsigned char)(cp)[3])) - -#define PUT_32BIT(cp, value) { \ - (cp)[0] = (unsigned char)((value) >> 24); \ - (cp)[1] = (unsigned char)((value) >> 16); \ - (cp)[2] = (unsigned char)((value) >> 8); \ - (cp)[3] = (unsigned char)(value); } - struct sftp_packet { char *data; - int length, maxlen; - int savedpos; + unsigned length, maxlen; + unsigned savedpos; int type; }; static const char *fxp_error_message; static int fxp_errtype; -static void fxp_internal_error(char *msg); +static void fxp_internal_error(const char *msg); /* ---------------------------------------------------------------------- * SFTP packet construction functions. */ static void sftp_pkt_ensure(struct sftp_packet *pkt, int length) { - if (pkt->maxlen < length) { + if ((int)pkt->maxlen < length) { pkt->maxlen = length + 256; pkt->data = sresize(pkt->data, pkt->maxlen, char); } } -static void sftp_pkt_adddata(struct sftp_packet *pkt, void *data, int len) +static void sftp_pkt_adddata(struct sftp_packet *pkt, + const void *data, int len) { pkt->length += len; sftp_pkt_ensure(pkt, pkt->length); @@ -57,6 +46,13 @@ static void sftp_pkt_addbyte(struct sftp_packet *pkt, unsigned char byte) { sftp_pkt_adddata(pkt, &byte, 1); } +static void sftp_pkt_adduint32(struct sftp_packet *pkt, + unsigned long value) +{ + unsigned char x[4]; + PUT_32BIT(x, value); + sftp_pkt_adddata(pkt, x, 4); +} static struct sftp_packet *sftp_pkt_init(int pkt_type) { struct sftp_packet *pkt; @@ -65,6 +61,7 @@ static struct sftp_packet *sftp_pkt_init(int pkt_type) pkt->savedpos = -1; pkt->length = 0; pkt->maxlen = 0; + sftp_pkt_adduint32(pkt, 0); /* length field will be filled in later */ sftp_pkt_addbyte(pkt, (unsigned char) pkt_type); return pkt; } @@ -74,13 +71,6 @@ static void sftp_pkt_addbool(struct sftp_packet *pkt, unsigned char value) sftp_pkt_adddata(pkt, &value, 1); } */ -static void sftp_pkt_adduint32(struct sftp_packet *pkt, - unsigned long value) -{ - unsigned char x[4]; - PUT_32BIT(x, value); - sftp_pkt_adddata(pkt, x, 4); -} static void sftp_pkt_adduint64(struct sftp_packet *pkt, uint64 value) { unsigned char x[8]; @@ -93,18 +83,18 @@ static void sftp_pkt_addstring_start(struct sftp_packet *pkt) sftp_pkt_adduint32(pkt, 0); pkt->savedpos = pkt->length; } -static void sftp_pkt_addstring_str(struct sftp_packet *pkt, char *data) +static void sftp_pkt_addstring_str(struct sftp_packet *pkt, const char *data) { sftp_pkt_adddata(pkt, data, strlen(data)); PUT_32BIT(pkt->data + pkt->savedpos - 4, pkt->length - pkt->savedpos); } static void sftp_pkt_addstring_data(struct sftp_packet *pkt, - char *data, int len) + const char *data, int len) { sftp_pkt_adddata(pkt, data, len); PUT_32BIT(pkt->data + pkt->savedpos - 4, pkt->length - pkt->savedpos); } -static void sftp_pkt_addstring(struct sftp_packet *pkt, char *data) +static void sftp_pkt_addstring(struct sftp_packet *pkt, const char *data) { sftp_pkt_addstring_start(pkt); sftp_pkt_addstring_str(pkt, data); @@ -139,61 +129,67 @@ static void sftp_pkt_addattrs(struct sftp_packet *pkt, struct fxp_attrs attrs) * SFTP packet decode functions. */ -static unsigned char sftp_pkt_getbyte(struct sftp_packet *pkt) +static int sftp_pkt_getbyte(struct sftp_packet *pkt, unsigned char *ret) { - unsigned char value; if (pkt->length - pkt->savedpos < 1) - return 0; /* arrgh, no way to decline (FIXME?) */ - value = (unsigned char) pkt->data[pkt->savedpos]; + return 0; + *ret = (unsigned char) pkt->data[pkt->savedpos]; pkt->savedpos++; - return value; + return 1; } -static unsigned long sftp_pkt_getuint32(struct sftp_packet *pkt) +static int sftp_pkt_getuint32(struct sftp_packet *pkt, unsigned long *ret) { - unsigned long value; if (pkt->length - pkt->savedpos < 4) - return 0; /* arrgh, no way to decline (FIXME?) */ - value = GET_32BIT(pkt->data + pkt->savedpos); + return 0; + *ret = GET_32BIT(pkt->data + pkt->savedpos); pkt->savedpos += 4; - return value; + return 1; } -static void sftp_pkt_getstring(struct sftp_packet *pkt, - char **p, int *length) +static int sftp_pkt_getstring(struct sftp_packet *pkt, + char **p, int *length) { *p = NULL; if (pkt->length - pkt->savedpos < 4) - return; - *length = GET_32BIT(pkt->data + pkt->savedpos); + return 0; + *length = toint(GET_32BIT(pkt->data + pkt->savedpos)); pkt->savedpos += 4; - if (pkt->length - pkt->savedpos < *length) - return; + if ((int)(pkt->length - pkt->savedpos) < *length || *length < 0) { + *length = 0; + return 0; + } *p = pkt->data + pkt->savedpos; pkt->savedpos += *length; + return 1; } -static struct fxp_attrs sftp_pkt_getattrs(struct sftp_packet *pkt) +static int sftp_pkt_getattrs(struct sftp_packet *pkt, struct fxp_attrs *ret) { - struct fxp_attrs ret; - ret.flags = sftp_pkt_getuint32(pkt); - if (ret.flags & SSH_FILEXFER_ATTR_SIZE) { + if (!sftp_pkt_getuint32(pkt, &ret->flags)) + return 0; + if (ret->flags & SSH_FILEXFER_ATTR_SIZE) { unsigned long hi, lo; - hi = sftp_pkt_getuint32(pkt); - lo = sftp_pkt_getuint32(pkt); - ret.size = uint64_make(hi, lo); + if (!sftp_pkt_getuint32(pkt, &hi) || + !sftp_pkt_getuint32(pkt, &lo)) + return 0; + ret->size = uint64_make(hi, lo); } - if (ret.flags & SSH_FILEXFER_ATTR_UIDGID) { - ret.uid = sftp_pkt_getuint32(pkt); - ret.gid = sftp_pkt_getuint32(pkt); + if (ret->flags & SSH_FILEXFER_ATTR_UIDGID) { + if (!sftp_pkt_getuint32(pkt, &ret->uid) || + !sftp_pkt_getuint32(pkt, &ret->gid)) + return 0; } - if (ret.flags & SSH_FILEXFER_ATTR_PERMISSIONS) { - ret.permissions = sftp_pkt_getuint32(pkt); + if (ret->flags & SSH_FILEXFER_ATTR_PERMISSIONS) { + if (!sftp_pkt_getuint32(pkt, &ret->permissions)) + return 0; } - if (ret.flags & SSH_FILEXFER_ATTR_ACMODTIME) { - ret.atime = sftp_pkt_getuint32(pkt); - ret.mtime = sftp_pkt_getuint32(pkt); + if (ret->flags & SSH_FILEXFER_ATTR_ACMODTIME) { + if (!sftp_pkt_getuint32(pkt, &ret->atime) || + !sftp_pkt_getuint32(pkt, &ret->mtime)) + return 0; } - if (ret.flags & SSH_FILEXFER_ATTR_EXTENDED) { - int count; - count = sftp_pkt_getuint32(pkt); + if (ret->flags & SSH_FILEXFER_ATTR_EXTENDED) { + unsigned long count; + if (!sftp_pkt_getuint32(pkt, &count)) + return 0; while (count--) { char *str; int len; @@ -201,11 +197,12 @@ static struct fxp_attrs sftp_pkt_getattrs(struct sftp_packet *pkt) * We should try to analyse these, if we ever find one * we recognise. */ - sftp_pkt_getstring(pkt, &str, &len); - sftp_pkt_getstring(pkt, &str, &len); + if (!sftp_pkt_getstring(pkt, &str, &len) || + !sftp_pkt_getstring(pkt, &str, &len)) + return 0; } } - return ret; + return 1; } static void sftp_pkt_free(struct sftp_packet *pkt) { @@ -220,9 +217,8 @@ static void sftp_pkt_free(struct sftp_packet *pkt) int sftp_send(struct sftp_packet *pkt) { int ret; - char x[4]; - PUT_32BIT(x, pkt->length); - ret = (sftp_senddata(x, 4) && sftp_senddata(pkt->data, pkt->length)); + PUT_32BIT(pkt->data, pkt->length - 4); + ret = sftp_senddata(pkt->data, pkt->length); sftp_pkt_free(pkt); return ret; } @@ -230,6 +226,7 @@ struct sftp_packet *sftp_recv(void) { struct sftp_packet *pkt; char x[4]; + unsigned char uc; if (!sftp_recvdata(x, 4)) return NULL; @@ -244,7 +241,12 @@ struct sftp_packet *sftp_recv(void) return NULL; } - pkt->type = sftp_pkt_getbyte(pkt); + if (!sftp_pkt_getbyte(pkt, &uc)) { + sftp_pkt_free(pkt); + return NULL; + } else { + pkt->type = uc; + } return pkt; } @@ -336,7 +338,7 @@ static struct sftp_request *sftp_alloc_request(void) void sftp_cleanup_request(void) { - if (sftp_requests == NULL) { + if (sftp_requests != NULL) { freetree234(sftp_requests); sftp_requests = NULL; } @@ -350,6 +352,7 @@ void sftp_register(struct sftp_request *req) struct sftp_request *sftp_find_request(struct sftp_packet *pktin) { unsigned long id; + unsigned fid; struct sftp_request *req; if (!pktin) { @@ -357,12 +360,15 @@ struct sftp_request *sftp_find_request(struct sftp_packet *pktin) return NULL; } - id = sftp_pkt_getuint32(pktin); - req = find234(sftp_requests, &id, sftp_reqfind); + if (!sftp_pkt_getuint32(pktin, &id)) { + fxp_internal_error("did not receive a valid SFTP packet\n"); + return NULL; + } + fid = (unsigned)id; + req = find234(sftp_requests, &fid, sftp_reqfind); if (!req || !req->registered) { fxp_internal_error("request ID mismatch\n"); - sftp_pkt_free(pktin); return NULL; } @@ -413,12 +419,18 @@ static int fxp_got_status(struct sftp_packet *pktin) fxp_error_message = "expected FXP_STATUS packet"; fxp_errtype = -1; } else { - fxp_errtype = sftp_pkt_getuint32(pktin); - if (fxp_errtype < 0 || - fxp_errtype >= sizeof(messages) / sizeof(*messages)) + unsigned long ul; + if (!sftp_pkt_getuint32(pktin, &ul)) { + fxp_error_message = "malformed FXP_STATUS packet"; + fxp_errtype = -1; + } else { + fxp_errtype = ul; + if (fxp_errtype < 0 || + fxp_errtype >= sizeof(messages) / sizeof(*messages)) fxp_error_message = "unknown error code"; - else - fxp_error_message = messages[fxp_errtype]; + else + fxp_error_message = messages[fxp_errtype]; + } } if (fxp_errtype == SSH_FX_OK) @@ -429,7 +441,7 @@ static int fxp_got_status(struct sftp_packet *pktin) return -1; } -static void fxp_internal_error(char *msg) +static void fxp_internal_error(const char *msg) { fxp_error_message = msg; fxp_errtype = -1; @@ -451,7 +463,7 @@ int fxp_error_type(void) int fxp_init(void) { struct sftp_packet *pktout, *pktin; - int remotever; + unsigned long remotever; pktout = sftp_pkt_init(SSH_FXP_INIT); sftp_pkt_adduint32(pktout, SFTP_PROTO_VERSION); @@ -467,7 +479,11 @@ int fxp_init(void) sftp_pkt_free(pktin); return 0; } - remotever = sftp_pkt_getuint32(pktin); + if (!sftp_pkt_getuint32(pktin, &remotever)) { + fxp_internal_error("malformed FXP_VERSION packet"); + sftp_pkt_free(pktin); + return 0; + } if (remotever > SFTP_PROTO_VERSION) { fxp_internal_error ("remote protocol is more advanced than we support"); @@ -488,7 +504,7 @@ int fxp_init(void) /* * Canonify a pathname. */ -struct sftp_request *fxp_realpath_send(char *path) +struct sftp_request *fxp_realpath_send(const char *path) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -507,18 +523,16 @@ char *fxp_realpath_recv(struct sftp_packet *pktin, struct sftp_request *req) sfree(req); if (pktin->type == SSH_FXP_NAME) { - int count; + unsigned long count; char *path; int len; - count = sftp_pkt_getuint32(pktin); - if (count != 1) { - fxp_internal_error("REALPATH returned name count != 1\n"); + if (!sftp_pkt_getuint32(pktin, &count) || count != 1) { + fxp_internal_error("REALPATH did not return name count of 1\n"); sftp_pkt_free(pktin); return NULL; } - sftp_pkt_getstring(pktin, &path, &len); - if (!path) { + if (!sftp_pkt_getstring(pktin, &path, &len)) { fxp_internal_error("REALPATH returned malformed FXP_NAME\n"); sftp_pkt_free(pktin); return NULL; @@ -536,7 +550,8 @@ char *fxp_realpath_recv(struct sftp_packet *pktin, struct sftp_request *req) /* * Open a file. */ -struct sftp_request *fxp_open_send(char *path, int type) +struct sftp_request *fxp_open_send(const char *path, int type, + struct fxp_attrs *attrs) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -545,7 +560,10 @@ struct sftp_request *fxp_open_send(char *path, int type) sftp_pkt_adduint32(pktout, req->id); sftp_pkt_addstring(pktout, path); sftp_pkt_adduint32(pktout, type); - sftp_pkt_adduint32(pktout, 0); /* (FIXME) empty ATTRS structure */ + if (attrs) + sftp_pkt_addattrs(pktout, *attrs); + else + sftp_pkt_adduint32(pktout, 0); /* empty ATTRS structure */ sftp_send(pktout); return req; @@ -561,8 +579,7 @@ struct fxp_handle *fxp_open_recv(struct sftp_packet *pktin, struct fxp_handle *handle; int len; - sftp_pkt_getstring(pktin, &hstring, &len); - if (!hstring) { + if (!sftp_pkt_getstring(pktin, &hstring, &len)) { fxp_internal_error("OPEN returned malformed FXP_HANDLE\n"); sftp_pkt_free(pktin); return NULL; @@ -582,7 +599,7 @@ struct fxp_handle *fxp_open_recv(struct sftp_packet *pktin, /* * Open a directory. */ -struct sftp_request *fxp_opendir_send(char *path) +struct sftp_request *fxp_opendir_send(const char *path) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -604,8 +621,7 @@ struct fxp_handle *fxp_opendir_recv(struct sftp_packet *pktin, struct fxp_handle *handle; int len; - sftp_pkt_getstring(pktin, &hstring, &len); - if (!hstring) { + if (!sftp_pkt_getstring(pktin, &hstring, &len)) { fxp_internal_error("OPENDIR returned malformed FXP_HANDLE\n"); sftp_pkt_free(pktin); return NULL; @@ -642,14 +658,15 @@ struct sftp_request *fxp_close_send(struct fxp_handle *handle) return req; } -void fxp_close_recv(struct sftp_packet *pktin, struct sftp_request *req) +int fxp_close_recv(struct sftp_packet *pktin, struct sftp_request *req) { sfree(req); fxp_got_status(pktin); sftp_pkt_free(pktin); + return fxp_errtype == SSH_FX_OK; } -struct sftp_request *fxp_mkdir_send(char *path) +struct sftp_request *fxp_mkdir_send(const char *path) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -675,7 +692,7 @@ int fxp_mkdir_recv(struct sftp_packet *pktin, struct sftp_request *req) return 1; } -struct sftp_request *fxp_rmdir_send(char *path) +struct sftp_request *fxp_rmdir_send(const char *path) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -700,7 +717,7 @@ int fxp_rmdir_recv(struct sftp_packet *pktin, struct sftp_request *req) return 1; } -struct sftp_request *fxp_remove_send(char *fname) +struct sftp_request *fxp_remove_send(const char *fname) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -725,7 +742,8 @@ int fxp_remove_recv(struct sftp_packet *pktin, struct sftp_request *req) return 1; } -struct sftp_request *fxp_rename_send(char *srcfname, char *dstfname) +struct sftp_request *fxp_rename_send(const char *srcfname, + const char *dstfname) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -755,7 +773,7 @@ int fxp_rename_recv(struct sftp_packet *pktin, struct sftp_request *req) * Retrieve the attributes of a file. We have fxp_stat which works * on filenames, and fxp_fstat which works on open file handles. */ -struct sftp_request *fxp_stat_send(char *fname) +struct sftp_request *fxp_stat_send(const char *fname) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -773,8 +791,12 @@ int fxp_stat_recv(struct sftp_packet *pktin, struct sftp_request *req, { sfree(req); if (pktin->type == SSH_FXP_ATTRS) { - *attrs = sftp_pkt_getattrs(pktin); - sftp_pkt_free(pktin); + if (!sftp_pkt_getattrs(pktin, attrs)) { + fxp_internal_error("malformed SSH_FXP_ATTRS packet"); + sftp_pkt_free(pktin); + return 0; + } + sftp_pkt_free(pktin); return 1; } else { fxp_got_status(pktin); @@ -802,8 +824,12 @@ int fxp_fstat_recv(struct sftp_packet *pktin, struct sftp_request *req, { sfree(req); if (pktin->type == SSH_FXP_ATTRS) { - *attrs = sftp_pkt_getattrs(pktin); - sftp_pkt_free(pktin); + if (!sftp_pkt_getattrs(pktin, attrs)) { + fxp_internal_error("malformed SSH_FXP_ATTRS packet"); + sftp_pkt_free(pktin); + return 0; + } + sftp_pkt_free(pktin); return 1; } else { fxp_got_status(pktin); @@ -815,7 +841,8 @@ int fxp_fstat_recv(struct sftp_packet *pktin, struct sftp_request *req, /* * Set the attributes of a file. */ -struct sftp_request *fxp_setstat_send(char *fname, struct fxp_attrs attrs) +struct sftp_request *fxp_setstat_send(const char *fname, + struct fxp_attrs attrs) { struct sftp_request *req = sftp_alloc_request(); struct sftp_packet *pktout; @@ -900,7 +927,11 @@ int fxp_read_recv(struct sftp_packet *pktin, struct sftp_request *req, char *str; int rlen; - sftp_pkt_getstring(pktin, &str, &rlen); + if (!sftp_pkt_getstring(pktin, &str, &rlen)) { + fxp_internal_error("READ returned malformed SSH_FXP_DATA packet"); + sftp_pkt_free(pktin); + return -1; + } if (rlen > len || rlen < 0) { fxp_internal_error("READ returned more bytes than requested"); @@ -941,18 +972,55 @@ struct fxp_names *fxp_readdir_recv(struct sftp_packet *pktin, sfree(req); if (pktin->type == SSH_FXP_NAME) { struct fxp_names *ret; - int i; + unsigned long i; + + /* + * Sanity-check the number of names. Minimum is obviously + * zero. Maximum is the remaining space in the packet + * divided by the very minimum length of a name, which is + * 12 bytes (4 for an empty filename, 4 for an empty + * longname, 4 for a set of attribute flags indicating that + * no other attributes are supplied). + */ + if (!sftp_pkt_getuint32(pktin, &i) || + i > (pktin->length-pktin->savedpos)/12) { + fxp_internal_error("malformed FXP_NAME packet"); + sftp_pkt_free(pktin); + return NULL; + } + + /* + * Ensure the implicit multiplication in the snewn() call + * doesn't suffer integer overflow and cause us to malloc + * too little space. + */ + if (i > INT_MAX / sizeof(struct fxp_name)) { + fxp_internal_error("unreasonably large FXP_NAME packet"); + sftp_pkt_free(pktin); + return NULL; + } + ret = snew(struct fxp_names); - ret->nnames = sftp_pkt_getuint32(pktin); + ret->nnames = i; ret->names = snewn(ret->nnames, struct fxp_name); - for (i = 0; i < ret->nnames; i++) { - char *str; - int len; - sftp_pkt_getstring(pktin, &str, &len); - ret->names[i].filename = mkstr(str, len); - sftp_pkt_getstring(pktin, &str, &len); - ret->names[i].longname = mkstr(str, len); - ret->names[i].attrs = sftp_pkt_getattrs(pktin); + for (i = 0; i < (unsigned long)ret->nnames; i++) { + char *str1, *str2; + int len1, len2; + if (!sftp_pkt_getstring(pktin, &str1, &len1) || + !sftp_pkt_getstring(pktin, &str2, &len2) || + !sftp_pkt_getattrs(pktin, &ret->names[i].attrs)) { + fxp_internal_error("malformed FXP_NAME packet"); + while (i--) { + sfree(ret->names[i].filename); + sfree(ret->names[i].longname); + } + sfree(ret->names); + sfree(ret); + sfree(pktin); + return NULL; + } + ret->names[i].filename = mkstr(str1, len1); + ret->names[i].longname = mkstr(str2, len2); } sftp_pkt_free(pktin); return ret; @@ -1070,7 +1138,7 @@ static struct fxp_xfer *xfer_init(struct fxp_handle *fh, uint64 offset) xfer->offset = offset; xfer->head = xfer->tail = NULL; xfer->req_totalsize = 0; - xfer->req_maxsize = 16384; + xfer->req_maxsize = 1048576; xfer->err = 0; xfer->filesize = uint64_make(ULONG_MAX, ULONG_MAX); xfer->furthestdata = uint64_make(0, 0); @@ -1110,7 +1178,7 @@ void xfer_download_queue(struct fxp_xfer *xfer) xfer->tail = rr; rr->next = NULL; - rr->len = 4096; + rr->len = 32768; rr->buffer = snewn(rr->len, char); sftp_register(req = fxp_read_send(xfer->fh, rr->offset, rr->len)); fxp_set_userdata(req, rr); @@ -1134,15 +1202,23 @@ struct fxp_xfer *xfer_download_init(struct fxp_handle *fh, uint64 offset) return xfer; } +/* + * Returns INT_MIN to indicate that it didn't even get as far as + * fxp_read_recv and hence has not freed pktin. + */ int xfer_download_gotpkt(struct fxp_xfer *xfer, struct sftp_packet *pktin) { struct sftp_request *rreq; struct req *rr; rreq = sftp_find_request(pktin); + if (!rreq) + return INT_MIN; /* this packet doesn't even make sense */ rr = (struct req *)fxp_get_userdata(rreq); - if (!rr) - return 0; /* this packet isn't ours */ + if (!rr) { + fxp_internal_error("request ID is not part of the current download"); + return INT_MIN; /* this packet isn't ours */ + } rr->retlen = fxp_read_recv(pktin, rreq, rr->buffer, rr->len); #ifdef DEBUG_DOWNLOAD printf("read request %p has returned [%d]\n", rr, rr->retlen); @@ -1276,7 +1352,7 @@ struct fxp_xfer *xfer_upload_init(struct fxp_handle *fh, uint64 offset) int xfer_upload_ready(struct fxp_xfer *xfer) { - if (xfer->req_totalsize < xfer->req_maxsize) + if (sftp_sendbuffer() == 0) return 1; else return 0; @@ -1313,6 +1389,10 @@ void xfer_upload_data(struct fxp_xfer *xfer, char *buffer, int len) #endif } +/* + * Returns INT_MIN to indicate that it didn't even get as far as + * fxp_write_recv and hence has not freed pktin. + */ int xfer_upload_gotpkt(struct fxp_xfer *xfer, struct sftp_packet *pktin) { struct sftp_request *rreq; @@ -1320,9 +1400,13 @@ int xfer_upload_gotpkt(struct fxp_xfer *xfer, struct sftp_packet *pktin) int ret; rreq = sftp_find_request(pktin); + if (!rreq) + return INT_MIN; /* this packet doesn't even make sense */ rr = (struct req *)fxp_get_userdata(rreq); - if (!rr) - return 0; /* this packet isn't ours */ + if (!rr) { + fxp_internal_error("request ID is not part of the current upload"); + return INT_MIN; /* this packet isn't ours */ + } ret = fxp_write_recv(pktin, rreq); #ifdef DEBUG_UPLOAD printf("write request %p has returned [%d]\n", rr, ret);