cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tscott.phoenix
Observer
Observer
6,955 Views
Registered: ‎06-03-2011

XAPP1026 / tftpserver bug

I have discovered what appears to be a bug in the implementation of the tftpserver.c file found in XAPP1026.  If you transfer a file from the device containing a number of bytes that is a multiple of the TFTP packet size (512), downloading that file will not get terminated correctly.  Instead, you'll see "closing connection, ret = 0" appear in the console and your client's TFTP session will eventually timeout.

 

The problem here is that tftp_send_next_block() will terminate earlier than it should when it detects that 0 bytes are read from the file.  This will happen after a file has been entirely read and that file has a number of bytes that is an even multiple of the TFTP packet size.  TFTP sessions normally terminate when they detect a packet size of 0 to 511 bytes.  Without receiving a 0-byte termination packet, the client doesn't detect the end of the download and has to wait for a timeout before considering the transfer complete.  This is obviously ++ungood.

 

To correct this, update the following section in the tftp_send_next_block() method within tftpserver.c from:

 

if (args->data_len <= 0) {
xil_printf("closing connection, ret = %d\r\n", args->data_len);
/* we are done */
return tftp_cleanup(pcb, args);
}

 

 

to:

 

if (args->data_len < 0) {
xil_printf("closing connection, ret = %d\r\n", args->data_len);
/* we are done */
return tftp_cleanup(pcb, args);
}

 

 

The difference here is the " < 0 " vs " <= 0" check in the if-statement.  The callback from tftp_send_data_packet() invoked later in this method will take care of properly terminating the transfer when the 0-length packet has transmitted.  

 

I made this update in my code and now my TFTP sessions terminate correctly when I download a file that has a size of 393216 (which is exactly 768 * 512).

 

--tim

0 Kudos
0 Replies