Opened 3 months ago

Closed 3 months ago

#12166 closed Bug report (wontfix)

Integer Overflows when Processing Directory Listing

Reported by: Bill Owned by:
Priority: normal Component: FileZilla Client
Keywords: Integer overflow Cc:
Component version: 3.47.2.1 Operating system type: Linux
Operating system version: Ubuntu 18.04.4

Description

There are integer overflows in enging/directorylistingparser.cpp and interface/remotelistview.cpp, when converting from the string received to int64_t. A number higher than the max of int64_t as the size returned in a directory listing will be improperly parsed and produce nonsensical results, such as a negative file size.

This happens on lines 220, 2644, and 2665 in directorylistingparser and 782 in remotelistview (not an exhaustive list).

Since this value is not used, other than displayed to the user, I do not think this can be exploited, nor crash the program.

Change History (1)

comment:1 by Tim Kosse, 3 months ago

Resolution: wontfix
Status: newclosed

We are aware of these overflows, they are harmless. Even if it results in displaying nonsensical sizes to the user, the server could just as well have sent other, non-overflowing but still nonsensical data to the client.

Note: See TracTickets for help on using tickets.