mfazekas
commented
2 years ago @bschmeck thanks looks great to me. Does it makes sense to add tests too?!
Open bschmeck opened 2 years ago
mfazekas
commented
2 years ago @bschmeck thanks looks great to me. Does it makes sense to add tests too?!
bschmeck
commented
2 years ago Sorry for the delay here, I got pulled into other things and then went on vacation.
I realized that version 6 also has an attributes bits field, so I reworked things slightly and now V06::Attributes inherits from V05::Attributes and the F_BITS constant is defined in V05::Attributes.
I also added test for the new V05::Attributes class, those should have been there from the start!
Version 5 of the SFTP spec introduced an optional
attrib-bitsfield (spec). When a server returns that data and we don't handle the 4 byte field, we quickly wind up parsing gibberish. (In my case, I wound up looping forever over a non-existent ACL entry and OOM'd my box.)Changes between v4 and v5: https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-05#section-10.1 v5 file attributes struct definition: https://datatracker.ietf.org/doc/html/draft-ietf-secsh-filexfer-05#section-5