From f882a66eb4c53120bd4bd66946fc276f7456547c Mon Sep 17 00:00:00 2001 From: steve-lad <72376554+steve-lad@users.noreply.github.com> Date: Mon, 28 Jun 2021 07:17:51 +0200 Subject: [PATCH] Tighten TFTP read controls Avoid hanging if no data received by setting timeout. Thanks to @dkgroot for soulution --- install.php | 2 +- sccpManTraits/helperFunctions.php | 33 +++++++++++++------------------ 2 files changed, 15 insertions(+), 20 deletions(-) diff --git a/install.php b/install.php index 03c0a40..6c1de4f 100644 --- a/install.php +++ b/install.php @@ -973,7 +973,7 @@ function getConfigMetaData($segment) { $sysConfiguration[$valueArray['Name']] = $valueArray; if (array_key_exists($valueArray['Name'],$settingsFromDb)) { if (!empty($sysConfiguration[$valueArray['Name']]['DefaultValue'])) { - $sql = "UPDATE sccpsettings SET systemdefault = {$valueArray['DefaultValue']} WHERE keyword like '{($valueArray['Name']}'" + $sql = "UPDATE sccpsettings SET systemdefault = '{$valueArray['DefaultValue']}' WHERE keyword = '{$valueArray['Name']}'"; $results = $db->query($sql); } } diff --git a/sccpManTraits/helperFunctions.php b/sccpManTraits/helperFunctions.php index 3c2611f..3b491ae 100644 --- a/sccpManTraits/helperFunctions.php +++ b/sccpManTraits/helperFunctions.php @@ -161,13 +161,15 @@ trait helperfunctions { return $result; } - function tftpReadTestFile($remoteFileName) + function tftpReadTestFile($remoteFileName, $host = "127.0.0.1";) { // https://datatracker.ietf.org/doc/html/rfc1350 $socket = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP); + // Set timeout so that do not hang if no data received. + socket_set_option($socket,SOL_SOCKET, SO_RCVTIMEO, array('sec'=>1, 'usec'=>0)); + if ($socket) { - $host = "127.0.0.1"; // TODO: Should consider remote TFT Servers in future - $port = 69; + $port = 69; // Initial TFTP port. Changed in received packet. // create the RRQ request packet $packet = chr(0) . chr(1) . $remoteFileName . chr(0) . 'netascii' . chr(0); @@ -177,24 +179,17 @@ trait helperfunctions { $buffer = null; $port = ""; $ret = ""; + // MSG_WAITALL is blocking but socket has timeout set to 1 sec. + $numbytes = socket_recvfrom($socket, $buffer, 84, MSG_WAITALL, $host, $port); - // fetch file content - $count = 0; - while ( 0 == $numbytes = socket_recvfrom($socket, $buffer, 84, MSG_DONTWAIT, $host, $port)) { - sleep(1); - $count ++; - if ($count > 5) { - break; - } - }; - - // unpack the returned buffer and discard the first two bytes - try { - $pkt = unpack("nopcode/nblockno/a*data", $buffer); - } catch (\Exception $e) { - die_freepbx("TFTP server is not responding. Check that it is running and then reload this page \n"); + if ($numbytes < 2) { + // socket has timed out before data received. + return false; } - // send ack + // unpack the returned buffer and discard the first two bytes. + $pkt = unpack("nopcode/nblockno/a*data", $buffer); + + // send ack and close socket. $packet = chr(4) . chr($pkt["blockno"]); socket_sendto($socket, $packet, strlen($packet), MSG_EOR, $host, $port);