Topic "Failure/Permission Denied errors during writing make WinSCP crash"

Author Message
moh

Guest


Hello!

I am using WinSCP 5.9 (Build 6786) and am trying to implement an mime filter in the openssh sftp-server code. Since I only know if the file that is loaded onto my server is allowed after the writing process started, I return a Permission Denied status during writing, as soon as the mime type can be determined from the file.

However, most of the time WinSCP returns a "packet was garbled on decryption" error. WinSCP is terminated and in the log "Fatal error while disposing the SFTP queue" can be read.
Even if it doesn't, it still sometimes procedes as if everything was fine and tries to rename the file, if it had been opened as <filename>.filepart. Only in very few cases it displays the error correctly and finishes after calling close.

How can I stop the writing process correctly?

Thanks,
moh
Advertisements
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26331
Location: Prague, Czechia
Can I have a test account on your server?

Or at least, can you post a complete session log file on Debug-1 level?
moh

Guest


I added an attachment with three logfiles by WinSCP. First, there is the decryption error, in the second part the "no such file" error (since I didn't expect rename to be called after I sent permission denied, I already removed the file) and lastly the hoped for "permission denied" error. All cases are reached with the same code on the server side.

If you are wondering what I am doing in the openssh sftp-server code, here is a small summary:

1. process_open: If the flag for writing is set, I check whether there already exists a file with the given name or the name minus ".filepart". If this is so, I rename that file to have a backup in case the mime type of the new file is not on the whitelist. Then I write the name of the backup into the handle.

2. process_write: On every process_write I check the handle if it is locked (variable initiated with false). Then I write the bytes and check the mime type via libmagic. If it is not on my whitelist, I immediately truncate the file, set the lock and rename the backup file (if it exists) to it's original name. If the truncated file has ".filepart" in it's name, I unlink it. If there was no backup in the first place, I just unlink the truncated file. I send the status SSH2_FX_PERMISSION_DENIED.
If process_write is called and the lock is set, I just send the permission denied status.

3. process_close: If the handle wasn't locked and there is a backup file, I unlink it.
winscp_log.txt (41.38 KB) [Download]

Description: (none)

moh

Guest


I installed the newest WinSCP Version, but the problem remains. In which part of the WinSCP code do I find the handling of errors (like permission denied) during writing?
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26331
Location: Prague, Czechia
Can you send me an email, so I can send you back a debug version of WinSCP to track the problem? Please include link back to this topic in your email. Also note in this topic that you have sent the email. Thanks.

You will find my address (if you log in) in my forum profile.
moh
[View user's profile]

Joined: 2017-04-18
Posts: 1
I just sent the email. I am looking forward to the debug version. Thank you.
martin
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26331
Location: Prague, Czechia
Two related issues have been added to the tracker:
https://winscp.net/tracker/show_bug.cgi?id=1536
https://winscp.net/tracker/show_bug.cgi?id=1537
Advertisements

You can post new topics in this forum






Search Site

What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!

Donate

About donations

$9   $19   $49   $99

About donations

Recommend

WinSCP Privacy Policy

WinSCP License