dcavalca / rpms / grub2

Forked from rpms/grub2 3 years ago
Clone

Blame SOURCES/0335-tftp-roll-over-block-counter-to-prevent-timeouts-with.patch

44b48a
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
44b48a
From: Javier Martinez Canillas <javierm@redhat.com>
44b48a
Date: Mon, 24 Aug 2020 14:46:27 +0200
44b48a
Subject: [PATCH] tftp: roll over block counter to prevent timeouts with data
44b48a
 packets
44b48a
44b48a
The block number is a 16-bit counter which only allows to fetch
44b48a
files no bigger than 65535 * blksize. To avoid this limit, the
44b48a
counter is rolled over. This behavior isn't defined in RFC 1350
44b48a
but is handled by many TFTP servers and it's what GRUB was doing
44b48a
before implicitly due an overflow.
44b48a
44b48a
Fixing that bug led to TFTP timeouts, since GRUB wasn't acking
44b48a
data packets anymore for files with size bigger than the maximum
44b48a
mentioned above. Restore the old behavior to prevent this issue.
44b48a
44b48a
Resolves: rhbz#1869987
44b48a
44b48a
Suggested-by: Peter Jones <pjones@redhat.com>
44b48a
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
44b48a
---
44b48a
 grub-core/net/tftp.c | 16 ++++++++++++++--
44b48a
 1 file changed, 14 insertions(+), 2 deletions(-)
44b48a
44b48a
diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c
44b48a
index 79c16f9b041..84162e6f1bd 100644
44b48a
--- a/grub-core/net/tftp.c
44b48a
+++ b/grub-core/net/tftp.c
44b48a
@@ -183,8 +183,20 @@ tftp_receive (grub_net_udp_socket_t sock __attribute__ ((unused)),
44b48a
 	  return GRUB_ERR_NONE;
44b48a
 	}
44b48a
 
44b48a
-      /* Ack old/retransmitted block. */
44b48a
-      if (grub_be_to_cpu16 (tftph->u.data.block) < data->block + 1)
44b48a
+      /*
44b48a
+       * Ack old/retransmitted block.
44b48a
+       *
44b48a
+       * The block number is a 16-bit counter which only allows to fetch
44b48a
+       * files no bigger than 65535 * blksize. To avoid this limit, the
44b48a
+       * counter is rolled over. This behavior isn't defined in RFC 1350
44b48a
+       * but is handled by many TFTP servers and it's what GRUB was doing
44b48a
+       * before implicitly due an overflow.
44b48a
+       *
44b48a
+       * Fixing that bug led to TFTP timeouts, since GRUB wasn't acking
44b48a
+       * data packets anymore for files with size bigger than the maximum
44b48a
+       * mentioned above. Restore the old behavior to prevent this issue.
44b48a
+       */
44b48a
+      if (grub_be_to_cpu16 (tftph->u.data.block) < ((data->block + 1) & 0xffffu))
44b48a
 	ack (data, grub_be_to_cpu16 (tftph->u.data.block));
44b48a
       /* Ignore unexpected block. */
44b48a
       else if (grub_be_to_cpu16 (tftph->u.data.block) > data->block + 1)