Source-Changes archive
Re: CVS commit: basesrc/usr.bin/ftp
Jun-ichiro itojun Hagino <itojun%netbsd.org@localhost> writes:
> Module Name: basesrc
> Committed By: itojun
> Date: Thu Apr 25 10:55:44 UTC 2002
>
> Modified Files:
> basesrc/usr.bin/ftp: ftp.c
>
> Log Message:
> avoid buffer overrun on PASV from malicious server.
> http://online.securityfocus.com/archive/1/269356/2002-04-22/2002-04-28/0
>
>
> To generate a diff of this commit:
> cvs rdiff -r1.117 -r1.118 basesrc/usr.bin/ftp/ftp.c
After reading this diff, I'm curious about some points:
- Do we want to use pasv[] when truncation occurred?
- When the server sends neither '\r' nor ')', NUL termination depends on
bss initialization of pasv[], doesn't it? So, it works only once.
I'm not sure if this is guaranteed.
- The relationship with continuation lines is unclear. When the server did
the same thing as above, the next line will be copied.
enami.
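
The first two points above, as an added example that is not part of the original message and is not the ftp.c code from this commit: a bounded copy of the PASV address field that NUL-terminates on every path and rejects a truncated or unterminated field instead of using it. The function name, the status codes and the parenthesised reply form are assumptions of this example.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum pasv_status { PASV_OK = 0, PASV_TRUNCATED = -1, PASV_UNTERMINATED = -2 };

/*
 * Copy the address field of one reply line (the text after '(' up to
 * '\r' or ')') into out[outlen].  out is NUL-terminated on every path,
 * so the result never depends on what the buffer held before the call.
 */
enum pasv_status
copy_pasv_field(const char *line, char *out, size_t outlen)
{
	const char *p;
	size_t n = 0;
	int truncated = 0;

	if (outlen == 0)
		return PASV_TRUNCATED;
	out[0] = '\0';
	p = strchr(line, '(');
	if (p == NULL)
		return PASV_UNTERMINATED;
	for (p++; *p != '\0' && *p != '\r' && *p != ')'; p++) {
		if (n < outlen - 1)
			out[n++] = *p;
		else
			truncated = 1;	/* keep scanning to the terminator */
	}
	out[n] = '\0';
	if (*p == '\0' || truncated) {
		/* Never hand a partial address back to the caller. */
		out[0] = '\0';
		return truncated ? PASV_TRUNCATED : PASV_UNTERMINATED;
	}
	return PASV_OK;
}
```

A caller that sees anything other than PASV_OK should treat the reply as a protocol error; continuation lines are outside what this sketch handles.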