Hello,
While working around ticket 249 I have seen something that might
eventually lead to trouble.
In sftp.c, around line 1487, sftp_read():
======================================
    case SSH_FXP_DATA:
        rc32 = _libssh2_ntohu32(data + 5);
        if (rc32 > (data_len - 9))
            return _libssh2_error(session,
                                  LIBSSH2_ERROR_SFTP_PROTOCOL,
                                  "SFTP Protocol badness");
        if(rc32 != chunk->len) {
            /* a short read does not imply end of file, but we must
               adjust the offset_sent since it was advanced with a
               full chunk->len before */
            filep->offset_sent -= (chunk->len - rc32);
======================================
If the received length is shorter than requested, it just reduces the
filep->offset_sent. This is wrong, since offset_sent has already been
used to send requests. If this happens, the file will be missing a
chunk. What OpenSSH does in this case is to resend the request with the
missing length. I do not know if a lot of servers answer with data
shorter than requested...
It looks like old code, if the sftp code has passed from
one-request-at-a-time to multiple parallel requests.
I may have missed something in this case, so feel free to comment :-).
Maxime Larocque
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2012-10-17
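
The failure mode described in the message above, as an added example that is not part of the original post and is not libssh2 or OpenSSH code: a simplified model in which all read requests are already in flight when one reply comes back short. The mock server, the sizes and every name in it are constructed for illustration; with `refetch` set, the client asks again for the missing tail, the behaviour the post attributes to OpenSSH.

```c
#include <stdio.h>
#include <string.h>

#define FILE_LEN 64  /* constructed sample file size */
#define CHUNK    16  /* bytes requested per SSH_FXP_READ in this model */

struct req { size_t off, len; };

/* Constructed mock server: the read at offset 16 returns only 10 bytes. */
static size_t server_read(const unsigned char *file, struct req r,
                          unsigned char *out)
{
    size_t n = r.len;
    if (r.off + n > FILE_LEN) n = FILE_LEN - r.off;
    if (r.off == 16 && n > 10) n = 10;
    memcpy(out, file + r.off, n);
    return n;
}

/* Downloads with every request queued before the first reply is read.
   refetch != 0: a short reply queues a request for the missing tail.
   Returns how many bytes of the result match the source file. */
static size_t run(int refetch)
{
    unsigned char src[FILE_LEN], dst[FILE_LEN] = {0}, buf[CHUNK];
    struct req q[16];
    size_t head = 0, tail = 0, ok = 0, i;

    for (i = 0; i < FILE_LEN; i++) src[i] = (unsigned char)(i + 1);
    for (i = 0; i < FILE_LEN; i += CHUNK)      /* pipeline the requests */
        q[tail++] = (struct req){ i, CHUNK };

    while (head < tail) {
        struct req r = q[head++];
        size_t got = server_read(src, r, buf);
        memcpy(dst + r.off, buf, got);         /* place data at its offset */
        if (refetch && got > 0 && got < r.len) /* short read, not EOF */
            q[tail++] = (struct req){ r.off + got, r.len - got };
    }
    for (i = 0; i < FILE_LEN; i++) ok += (dst[i] == src[i]);
    return ok;
}

int main(void)
{
    printf("no re-request: %zu/%d bytes correct\n", run(0), FILE_LEN);
    printf("re-request:    %zu/%d bytes correct\n", run(1), FILE_LEN);
    return 0;
}
```

Without the re-request, bytes 26 to 31 of the sample file are never fetched, because the requests for offsets 32 and 48 were sent before the short reply arrived.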