oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

fix buffer overrun when receiving long replies

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10948 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Johan Danielsson
2002-04-24 21:55:07 +00:00
parent e20a3066df
commit 2fcca68adc
1 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
appl/ftp/ftp/ftp.c
View File

@@ -312,7 +312,8 @@ getreply (int expecteof)
char *lead_string; char *lead_string;
int c; int c;
struct sigaction sa, osa; struct sigaction sa, osa;
char buf[1024]; char buf[8192];
int long_warn = 0;
sigemptyset (&sa.sa_mask); sigemptyset (&sa.sa_mask);
sa.sa_flags = 0; sa.sa_flags = 0;
@@ -368,7 +369,7 @@ getreply (int expecteof)
if (verbose > 0 || (verbose > -1 && code > 499)) if (verbose > 0 || (verbose > -1 && code > 499))
fprintf (stdout, "%s%s\n", lead_string, buf); fprintf (stdout, "%s%s\n", lead_string, buf);
if (buf[3] == ' ') { if (buf[3] == ' ') {
strcpy (reply_string, buf); strlcpy (reply_string, buf, sizeof(reply_string));
if (code >= 200) if (code >= 200)
cpend = 0; cpend = 0;
sigaction (SIGINT, &osa, NULL); sigaction (SIGINT, &osa, NULL);
@@ -381,17 +382,12 @@ getreply (int expecteof)
osa.sa_handler (SIGINT); osa.sa_handler (SIGINT);
#endif #endif
if (code == 227 || code == 229) { if (code == 227 || code == 229) {
char *p, *q; char *p;
pasv[0] = 0;
p = strchr (reply_string, '('); p = strchr (reply_string, '(');
if (p) { if (p) {
p++; p++;
q = strchr(p, ')'); strlcpy(pasv, p, sizeof(pasv));
if(q){
memcpy (pasv, p, q - p);
pasv[q - p] = 0;
}
} }
} }
return code / 100; return code / 100;
@@ -404,9 +400,15 @@ getreply (int expecteof)
} }
} }
p = buf; p = buf;
long_warn = 0;
continue; continue;
default: default:
*p++ = c; if(p < buf + sizeof(buf) - 1)
*p++ = c;
else if(long_warn == 0) {
fprintf(stderr, "WARNING: incredibly long line received\n");
long_warn = 1;
}
} }
} }