The branch main has been updated by des: URL: https://cgit.FreeBSD.org/src/commit/?id=b94689d036c5f5bdc04d080ff7dd5d0e9df9b8d4
commit b94689d036c5f5bdc04d080ff7dd5d0e9df9b8d4 Author: Dag-Erling Smørgrav <[email protected]> AuthorDate: 2026-05-22 17:57:27 +0000 Commit: Dag-Erling Smørgrav <[email protected]> CommitDate: 2026-05-22 17:57:27 +0000 tftp: Add test case with over-long URL This adds a test case that passes a very long URL on the command line, which would previously have resulted in a benign buffer overflow in urihandling(), detectable only by compiling tftp with ASAN enabled. MFC after: 1 week Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D57074 --- usr.bin/tftp/tests/tftp_test.sh | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/usr.bin/tftp/tests/tftp_test.sh b/usr.bin/tftp/tests/tftp_test.sh index a4c9f3b898e7..12c008b2c78c 100644 --- a/usr.bin/tftp/tests/tftp_test.sh +++ b/usr.bin/tftp/tests/tftp_test.sh @@ -442,6 +442,29 @@ tftp_url_ipv6_cleanup() { stop_tftpd } +atf_test_case tftp_url_long cleanup +tftp_url_long_head() { + atf_set "descr" "Very long URL" + atf_set "require.user" "root" +} +tftp_url_long_body() { + start_tftpd + mkdir "${tftp_dir}/subdirectory" + local remote_file="${tftp_dir}/hello.txt" + echo "Hello, $$!" >"${remote_file}" + local local_file="${remote_file##*/}" + local d="subdirectory/../" + d="${d}${d}${d}${d}${d}${d}${d}${d}" + d="${d}${d}${d}${d}${d}${d}${d}${d}" + d="${d}${d}${d}${d}${d}${d}${d}${d}" + atf_check -s exit:1 -o match:"Illegal TFTP operation" \ + tftp "tftp://localhost/${d}${remote_file##*/}" + atf_check -s exit:1 test -f "${local_file}" +} +tftp_url_long_cleanup() { + stop_tftpd +} + atf_init_test_cases() { atf_add_test_case tftp_get_big atf_add_test_case tftp_get_host @@ -462,4 +485,5 @@ atf_init_test_cases() { atf_add_test_case tftp_url_host atf_add_test_case tftp_url_ipv4 atf_add_test_case tftp_url_ipv6 + atf_add_test_case tftp_url_long }
