Attachment 1239 Details for Bug 1286 – A patch for sftp buffer handling applies to 4.3p2

[patch] A patch for sftp buffer handling applies to 4.3p2

4.3p2.diff (text/plain), 3.35 KB, created by Thue Janus Kristensen on 2007-02-19 03:59:41 AEDT

(hide)

Description:

Filename:

MIME Type:

Creator: Thue Janus Kristensen

Created: 2007-02-19 03:59:41 AEDT

Size: 3.35 KB

patch

obsolete

>diff -ur lala2/openssh-4.3p2/buffer.c lala/openssh-4.3p2/buffer.c
>--- lala2/openssh-4.3p2/buffer.c	2005-03-14 13:22:26.000000000 +0100
>+++ lala/openssh-4.3p2/buffer.c	2007-02-18 16:02:41.000000000 +0100
>@@ -66,6 +66,17 @@
> 	memcpy(p, data, len);
> }
> 
>+/* Shuffle data to the start of the buffer. */
>+
>+static void
>+buffer_defragment(Buffer *buffer)
>+{
>+	memmove(buffer->buf, buffer->buf + buffer->offset,
>+		buffer->end - buffer->offset);
>+	buffer->end -= buffer->offset;
>+	buffer->offset = 0;
>+}
>+
> /*
>  * Appends space to the buffer, expanding the buffer if necessary. This does
>  * not actually copy the data into the buffer, but instead returns a pointer
>@@ -98,18 +109,21 @@
> 	 * data to the beginning and retry.
> 	 */
> 	if (buffer->offset > MIN(buffer->alloc, BUFFER_MAX_CHUNK)) {
>-		memmove(buffer->buf, buffer->buf + buffer->offset,
>-			buffer->end - buffer->offset);
>-		buffer->end -= buffer->offset;
>-		buffer->offset = 0;
>+		buffer_defragment(buffer);
> 		goto restart;
> 	}
>-	/* Increase the size of the buffer and retry. */
> 
>+	/* Increase the size of the buffer and retry. */
> 	newlen = buffer->alloc + len + 32768;
>-	if (newlen > BUFFER_MAX_LEN)
>-		fatal("buffer_append_space: alloc %u not supported",
>-		    newlen);
>+	if (newlen > BUFFER_MAX_LEN) {
>+		if (buffer->offset > 0) {
>+			buffer_defragment(buffer);
>+			goto restart;
>+		} else {
>+			fatal("buffer_append_space: alloc %u not supported",
>+			      newlen);
>+		}
>+	}
> 	buffer->buf = xrealloc(buffer->buf, newlen);
> 	buffer->alloc = newlen;
> 	goto restart;
>@@ -124,6 +138,14 @@
> 	return buffer->end - buffer->offset;
> }
> 
>+/* The maximum potential space left in buffer. */
>+
>+u_int
>+buffer_potential_free_space(Buffer *buffer)
>+{
>+	return BUFFER_MAX_LEN - buffer_len(buffer);
>+}
>+
> /* Gets data from the beginning of the buffer. */
> 
> int
>diff -ur lala2/openssh-4.3p2/buffer.h lala/openssh-4.3p2/buffer.h
>--- lala2/openssh-4.3p2/buffer.h	2005-03-14 13:22:26.000000000 +0100
>+++ lala/openssh-4.3p2/buffer.h	2007-02-18 16:03:21.000000000 +0100
>@@ -31,6 +31,7 @@
> void	 buffer_free(Buffer *);
> 
> u_int	 buffer_len(Buffer *);
>+u_int    buffer_potential_free_space(Buffer *);
> void	*buffer_ptr(Buffer *);
> 
> void	 buffer_append(Buffer *, const void *, u_int);
>diff -ur lala2/openssh-4.3p2/sftp-server.c lala/openssh-4.3p2/sftp-server.c
>--- lala2/openssh-4.3p2/sftp-server.c	2006-01-02 13:40:51.000000000 +0100
>+++ lala/openssh-4.3p2/sftp-server.c	2007-02-18 16:22:05.000000000 +0100
>@@ -1074,7 +1074,10 @@
> 		memset(rset, 0, set_size);
> 		memset(wset, 0, set_size);
> 
>-		FD_SET(in, rset);
>+		/* If the oqueue is close to full then we want to wait on just the output. */
>+		if (buffer_potential_free_space(&oqueue) > SFTP_MAX_MSG_LENGTH + 4)
>+			FD_SET(in, rset);
>+
> 		olen = buffer_len(&oqueue);
> 		if (olen > 0)
> 			FD_SET(out, wset);
>@@ -1086,7 +1089,8 @@
> 		}
> 
> 		/* copy stdin to iqueue */
>-		if (FD_ISSET(in, rset)) {
>+		if (buffer_potential_free_space(&iqueue) > SFTP_MAX_MSG_LENGTH + 4 &&
>+		    FD_ISSET(in, rset)) {
> 			char buf[4*4096];
> 			len = read(in, buf, sizeof buf);
> 			if (len == 0) {
>@@ -1109,7 +1113,10 @@
> 				buffer_consume(&oqueue, len);
> 			}
> 		}
>-		/* process requests from client */
>-		process();
>+		/* process requests from client. If the output buffer
>+		 * is critical then don't create more data by
>+		 * processing more requests. */
>+		if (buffer_potential_free_space(&oqueue) > SFTP_MAX_MSG_LENGTH + 4)
>+			process();
> 	}
> }

Actions: View | Diff

Attachments on bug 1286: 1238 | 1239 | 1241 | 1282