30 Aug
2007
30 Aug
'07
9:18 a.m.
In message 20070830002624.4040.18733.stgit@trillian.cg.shawcable.net you wrote:
From: Grant Likely grant.likely@secretlab.ca
The TFTP OACK code trusts that the incoming packet is formated as ASCII text and can be processed by string functions. It also as a loop limit overflow bug where if the packet length is less than 8, it ends up looping over *all* of memory to find the 'blksize' string.
This patch solves the problem by forcing the packet to be null terminated and using strstr() to search for the sub string.
Signed-off-by: Grant Likely grant.likely@secretlab.ca
Thanks a lot. Applied.
Best regards,
Wolfgang Denk
--
DENX Software Engineering GmbH, MD: Wolfgang Denk & Detlev Zundel
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd@denx.de
Life is a game. Money is how we keep score. - Ted Turner