sftp: Handle read/write limits in the old low-level SFTP API

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
Jakub Jelen
2024-01-15 11:05:59 +01:00
parent 172f6bfb47
commit 4172752b4b
2 changed files with 27 additions and 8 deletions


@@ -489,6 +489,11 @@ LIBSSH_API void sftp_file_set_blocking(sftp_file handle);
/** /**
* @brief Read from a file using an opened sftp file handle. * @brief Read from a file using an opened sftp file handle.
* *
* This function caps the length a user is allowed to read from an sftp file.
*
* The value used for the cap is same as the value of the max_read_length
* field of the sftp_limits_t returned by sftp_limits().
*
* @param file The opened sftp file handle to be read from. * @param file The opened sftp file handle to be read from.
* *
* @param buf Pointer to buffer to receive read data. * @param buf Pointer to buffer to receive read data.
@@ -567,9 +572,10 @@ SSH_DEPRECATED LIBSSH_API int sftp_async_read(sftp_file file,
/** /**
* @brief Write to a file using an opened sftp file handle. * @brief Write to a file using an opened sftp file handle.
* *
* The maximum size of the SFTP packet payload is 32768 bytes so the count * This function caps the length a user is allowed to write to an sftp file.
* parameter is capped at this value. This is low-level function so it does not *
* try to send more than this amount of data. * The value used for the cap is same as the value of the max_write_length
* field of the sftp_limits_t returned by sftp_limits().
* *
* @param file Open sftp file handle to write to. * @param file Open sftp file handle to write to.
* *
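Review bot: Neither doc block tells the caller that a single call may transfer fewer bytes than `count`, and the reworded sftp_write() text drops the old sentence saying the function does not try to send more than the cap. A caller that ignores the return value would silently truncate an upload or download once the request exceeds the negotiated limit. I would add to both comments a line such as `* The return value can therefore be smaller than count; callers must loop until all data is transferred.` The return-value paragraphs of both comments lie outside these hunks, so check that the wording agrees with them.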


@@ -1156,6 +1156,18 @@ ssize_t sftp_read(sftp_file handle, void *buf, size_t count) {
return 0; return 0;
} }
/*
* limit the reads to the maximum specified in Section 3 of
* https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02
* or to the values provided by the limits@openssh.com extension.
*
* TODO: We should iterate over the blocks rather than writing less than
* requested to provide less surprises to the calling applications.
*/
if (count > sftp->limits->max_read_length) {
count = sftp->limits->max_read_length;
}
buffer = ssh_buffer_new(); buffer = ssh_buffer_new();
if (buffer == NULL) { if (buffer == NULL) {
ssh_set_error_oom(sftp->session); ssh_set_error_oom(sftp->session);
@@ -1396,16 +1408,17 @@ ssize_t sftp_write(sftp_file file, const void *buf, size_t count) {
id = sftp_get_new_id(file->sftp); id = sftp_get_new_id(file->sftp);
/*
/* limit the writes to the maximum specified in Section 3 of * limit the writes to the maximum specified in Section 3 of
* https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02 * https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-02
* or to the values provided by the limits@openssh.com extension.
* *
* FIXME: This value should be adjusted to the value from the
* limits@openssh.com extension if supported
* TODO: We should iterate over the blocks rather than writing less than * TODO: We should iterate over the blocks rather than writing less than
* requested to provide less surprises to the calling applications. * requested to provide less surprises to the calling applications.
*/ */
count = count > 32768 ? 32768 : count; if (count > sftp->limits->max_write_length) {
count = sftp->limits->max_write_length;
}
rc = ssh_buffer_pack(buffer, rc = ssh_buffer_pack(buffer,
"dSqdP", "dSqdP",
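Review bot: The new clamp in sftp_read (`if (count > sftp->limits->max_read_length)`) and the matching one in sftp_write have no lower bound, although the comment says the value can come from the peer's limits@openssh.com reply. If that field is 0 and is not normalised where `sftp->limits` is populated (not visible here), `count` becomes 0, and a caller looping on the return value may stall or mistake the result for EOF. I would fall back to the previous constant at both sites, e.g. `uint64_t cap = sftp->limits->max_write_length != 0 ? sftp->limits->max_write_length : 32768;` then `if (count > cap) count = cap;`, or state beside the clamp that the limits are validated at negotiation time. The sftp_read comment also says "writing less than requested" where it should say "reading". Both function bodies continue outside the hunks, so any earlier check on `sftp->limits` is not visible in this view.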