Date: Fri, 22 May 2026 17:58:11 +0000 From: Dag-Erling=?utf-8?Q? Sm=C3=B8rg?=rav <des@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: b94689d036c5 - main - tftp: Add test case with over-long URL Message-ID: <6a109933.3948e.12359126@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch main has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=b94689d036c5f5bdc04d080ff7dd5d0e9df9b8d4 commit b94689d036c5f5bdc04d080ff7dd5d0e9df9b8d4 Author: Dag-Erling Smørgrav <des@FreeBSD.org> AuthorDate: 2026-05-22 17:57:27 +0000 Commit: Dag-Erling Smørgrav <des@FreeBSD.org> CommitDate: 2026-05-22 17:57:27 +0000 tftp: Add test case with over-long URL This adds a test case that passes a very long URL on the command line, which would previously have resulted in a benign buffer overflow in urihandling(), detectable only by compiling tftp with ASAN enabled. MFC after: 1 week Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D57074 --- usr.bin/tftp/tests/tftp_test.sh | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/usr.bin/tftp/tests/tftp_test.sh b/usr.bin/tftp/tests/tftp_test.sh index a4c9f3b898e7..12c008b2c78c 100644 --- a/usr.bin/tftp/tests/tftp_test.sh +++ b/usr.bin/tftp/tests/tftp_test.sh @@ -442,6 +442,29 @@ tftp_url_ipv6_cleanup() { stop_tftpd } +atf_test_case tftp_url_long cleanup +tftp_url_long_head() { + atf_set "descr" "Very long URL" + atf_set "require.user" "root" +} +tftp_url_long_body() { + start_tftpd + mkdir "${tftp_dir}/subdirectory" + local remote_file="${tftp_dir}/hello.txt" + echo "Hello, $$!" >"${remote_file}" + local local_file="${remote_file##*/}" + local d="subdirectory/../" + d="${d}${d}${d}${d}${d}${d}${d}${d}" + d="${d}${d}${d}${d}${d}${d}${d}${d}" + d="${d}${d}${d}${d}${d}${d}${d}${d}" + atf_check -s exit:1 -o match:"Illegal TFTP operation" \ + tftp "tftp://localhost/${d}${remote_file##*/}" + atf_check -s exit:1 test -f "${local_file}" +} +tftp_url_long_cleanup() { + stop_tftpd +} + atf_init_test_cases() { atf_add_test_case tftp_get_big atf_add_test_case tftp_get_host @@ -462,4 +485,5 @@ atf_init_test_cases() { atf_add_test_case tftp_url_host atf_add_test_case tftp_url_ipv4 atf_add_test_case tftp_url_ipv6 + atf_add_test_case tftp_url_long }home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6a109933.3948e.12359126>