Apply by doing: cd /usr/src patch -p0 < 003_tftpd.patch And then rebuild and install tftpd: cd usr.sbin/tftpd/ make obj make depend make make install Index: usr.sbin/tftpd/tftpd.c =================================================================== RCS file: /cvs/src/usr.sbin/tftpd/tftpd.c,v retrieving revision 1.8 retrieving revision 1.8.2.1 diff -u -p -r1.8 -r1.8.2.1 --- usr.sbin/tftpd/tftpd.c 13 Jul 2012 02:31:46 -0000 1.8 +++ usr.sbin/tftpd/tftpd.c 21 Mar 2013 05:20:32 -0000 1.8.2.1 @@ -1,4 +1,4 @@ -/* $OpenBSD: tftpd.c,v 1.8 2012/07/13 02:31:46 gsoares Exp $ */ +/* $OpenBSD: tftpd.c,v 1.8.2.1 2013/03/21 05:20:32 dlg Exp $ */ /* * Copyright (c) 2012 David Gwynne @@ -168,7 +168,7 @@ void tftp_end(struct tftp_client *); void tftp(struct tftp_client *, struct tftphdr *, size_t); void tftp_open(struct tftp_client *, const char *); void nak(struct tftp_client *, int); -void oack(struct tftp_client *); +int oack(struct tftp_client *); void oack_done(int, short, void *); void sendfile(struct tftp_client *); @@ -565,7 +565,7 @@ client_alloc() { struct tftp_client *client; - client = calloc(sizeof(*client), 1); + client = calloc(1, sizeof(*client)); if (client == NULL) return (NULL); @@ -812,7 +812,7 @@ again: client->fgetc = pf->f_getc; client->fputc = pf->f_putc; - client->options = options = calloc(sizeof(*client->options), NOPT); + client->options = options = calloc(NOPT, sizeof(*client->options)); if (options == NULL) { ecode = 100 + ENOMEM; goto error; @@ -876,7 +876,8 @@ tftp_open(struct tftp_client *client, co goto error; if (client->options) { - oack(client); + if (oack(client) == -1) + goto error; free(client->options); client->options = NULL; @@ -886,7 +887,6 @@ tftp_open(struct tftp_client *client, co sendfile(client); return; - error: nak(client, ecode); } @@ -1386,7 +1386,7 @@ nak(struct tftp_client *client, int erro /* * Send an oack packet (option acknowledgement). */ -void +int oack(struct tftp_client *client) { struct opt_client *options = client->options; @@ -1396,7 +1396,7 @@ oack(struct tftp_client *client) tp = (struct tftphdr *)client->buf; bp = (char *)tp->th_stuff; - size = client->packet_size - 2; + size = sizeof(client->buf) - 2; tp->th_opcode = htons((u_short)OACK); for (i = 0; i < NOPT; i++) { @@ -1406,14 +1406,14 @@ oack(struct tftp_client *client) n = snprintf(bp, size, "%s%c%lld", opt_names[i], '\0', options[i].o_reply); if (n == -1 || n >= size) { - lwarn("oack: no buffer space"); + lwarnx("oack: no buffer space"); goto error; } bp += n + 1; size -= n + 1; if (size < 0) { - lwarn("oack: no buffer space"); + lwarnx("oack: no buffer space"); goto error; } } @@ -1436,10 +1436,10 @@ oack(struct tftp_client *client) oack_done, client); event_add(&client->sev, &client->tv); - return; + return (0); error: - client_free(client); + return (-1); } int