tomaswolf commented on issue #329: URL: https://github.com/apache/mina-sshd/issues/329#issuecomment-1462546473
> There are a 7 usage of this constant in the SFTP module, I don't think any of those is valid. Agreed. * [SftpModuleProperties.WRITE_CHUNK_SIZE](https://github.com/apache/mina-sshd/blob/801edabdb7723e9f5bf03fd66c6e48a2d240bb9f/sshd-sftp/src/main/java/org/apache/sshd/sftp/SftpModuleProperties.java#L103): unclear why the default subtracts 8. Used to break large client writes into multiple SSH_FXP_WRITE calls. A better approach might be to base this on the remote window's packet size. An even better approach is to use the peer's maximum write size as advertised in a "limits" extension (openSSH, max-write-length) or perhaps in higher SFTP versions the "max-read-size" value (if non-zero) from the "supported" or "supported2" SSH_FXP_VERSION extensions, if present. (Though the semantics is slightly different, it may be safe to assume that a server that is willing to return _x_ bytes on read requests is also willing to accept _x_ bytes in write requests, but might get into trouble with more.) * [AbstractSftpClient](https://github.com/apache/mina-sshd/blob/801edabdb7723e9f5bf03fd66c6e48a2d240bb9f/sshd-sftp/src/main/java/org/apache/sshd/sftp/client/impl/AbstractSftpClient.java#L874): Unrelated to SSH packet size. Here it's the number of entries in a SSH_FXP_NAME response. High counts need not be checked since a maximum packet length is enforced earlier; bogus high counts will just make reading from the buffer fail once it is exhausted. * DefaultSftpClient: this is the case that initiated this issue. Unrelated to SSH packet size; it's maximum length of an SFTP message. This check is needed to guard against getting into OOM situations, but the limit could be made configurable. * [SftpHelper](https://github.com/apache/mina-sshd/blob/801edabdb7723e9f5bf03fd66c6e48a2d240bb9f/sshd-sftp/src/main/java/org/apache/sshd/sftp/common/SftpHelper.java); all 3 instances: unrelated to SSH packet size. Only the check against < 0 is needed. If the count is too high, reading from the buffer will fail anyway. * [AclCapabilities](https://github.com/apache/mina-sshd/blob/801edabdb7723e9f5bf03fd66c6e48a2d240bb9f/sshd-sftp/src/main/java/org/apache/sshd/sftp/common/extensions/AclSupportedParser.java#L64): unrelated to SSH packet size. The value must be in the range [0 .. 0x2F], and it's not a count but a bit set. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
