SFTP Zero Byte Files

1. When putting a file with SFTP, the client should check that the requested file is a regular file based on its attributes. 2. Add the attributes to check in the permissions. 3. Add server checking for non-regular files and not allowing them to be opened for reading or writing.
2023-12-05 15:07:38 -08:00 · 2023-12-05 15:07:38 -08:00 · f35cab9e86
parent 9d92672931
commit f35cab9e86
2 changed files with 53 additions and 11 deletions
--- a/examples/sftpclient/sftpclient.c
+++ b/examples/sftpclient/sftpclient.c
@ -634,6 +634,12 @@ static int doCmds(func_args* args)
 #endif

            if (ret != WS_SUCCESS) {
+                if (wolfSSH_get_error(ssh) == WS_SFTP_NOT_FILE_E) {
+                    if (SFTP_FPUTS(args, "Not a regular file\n")  < 0) {
+                         err_msg("fputs error");
+                         return -1;
+                    }
+                }
                if (SFTP_FPUTS(args, "Error pushing file\n") < 0) {
                    err_msg("fputs error");
                    return -1;
--- a/src/wolfsftp.c
+++ b/src/wolfsftp.c
@ -1977,6 +1977,7 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
    char* res   = NULL;
    char  ier[] = "Internal Failure";
    char  oer[] = "Open File Error";
+    char  naf[] = "Not A File";

    if (ssh == NULL) {
        return WS_BAD_ARGUMENT;
@ -2036,6 +2037,25 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
        m |= WOLFSSH_O_EXCL;
    }

+    {
+        WS_SFTP_FILEATRB fileAtr = { 0 };
+        if (SFTP_GetAttributes(ssh->fs,
+                        dir, &fileAtr, 1, ssh->ctx->heap) == WS_SUCCESS) {
+            if ((fileAtr.per & FILEATRB_PER_MASK_TYPE) != FILEATRB_PER_FILE) {
+                WLOG(WS_LOG_SFTP, "Not a file");
+                ssh->error = WS_SFTP_NOT_FILE_E;
+
+                res = naf;
+                if (wolfSSH_SFTP_CreateStatus(ssh, WOLFSSH_FTP_FAILURE, reqId,
+                            res, "English", NULL, &outSz) != WS_SIZE_ONLY) {
+                    return WS_FATAL_ERROR;
+                }
+                ret = WS_FATAL_ERROR;
+            }
+        }
+    }
+
+    if (ret == WS_SUCCESS) {
        /* if file permissions not set then use default */
        if (!(atr.flags & WOLFSSH_FILEATRB_PERM)) {
            atr.per = 0644;
@ -2051,6 +2071,7 @@ int wolfSSH_SFTP_RecvOpen(WOLFSSH* ssh, int reqId, byte* data, word32 maxSz)
            }
            ret = WS_BAD_FILE_E;
        }
+    }

 #ifdef WOLFSSH_STOREHANDLE
    if (ret == WS_SUCCESS) {
@ -8722,6 +8743,21 @@ int wolfSSH_SFTP_Put(WOLFSSH* ssh, char* from, char* to, byte resume,
            case STATE_PUT_OPEN_LOCAL:
                WLOG(WS_LOG_SFTP, "SFTP PUT STATE: OPEN LOCAL");
            #ifndef USE_WINDOWS_API
+                {
+                    WS_SFTP_FILEATRB fileAtr = { 0 };
+                    if (SFTP_GetAttributes(ssh->fs,
+                                from, &fileAtr, 1, ssh->ctx->heap)
+                            == WS_SUCCESS) {
+                        if ((fileAtr.per & FILEATRB_PER_MASK_TYPE)
+                                != FILEATRB_PER_FILE) {
+                            WLOG(WS_LOG_SFTP, "Not a file");
+                            ssh->error = WS_SFTP_NOT_FILE_E;
+                            ret = WS_FATAL_ERROR;
+                            state->state = STATE_PUT_CLEANUP;
+                            continue;
+                        }
+                    }
+                }
                ret = WFOPEN(ssh->fs, &state->fl, from, "rb");
                if (ret != 0) {
                    WLOG(WS_LOG_SFTP, "Unable to open input file");