Opened 3 years ago
Closed 2 years ago
#12687 closed Bug report (invalid)
Different behavior with wrong path input
Reported by: | A.Weber | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | FileZilla Server |
Keywords: | backslash | Cc: | |
Component version: | 1.3.0 | Operating system type: | Windows |
Operating system version: | Windows Server 2019 |
Description
Recently one of our customers changed his servers and so we wanted to change from FileZilla Server Version 0.9.43 to 1.3.0, but we encountered a tricky behavior, which prevented that.
He uses an old Software on Windows CE and this program transfer's files trough FTP, but we recently found out, that the path in the PUT Command is wrong.
They use backslash \ instead of slash /.
Example: PUT 250122033146874.bmp \unterschriften\250122033146874.bmp
And here is the tricky part, with Version 0.9.43 it changes the backslash to slash according to the log and so the file transfer works.
(000003)01.04.2022 14:33:17 - zmde ( )> CWD \unterschriften\
(000003)01.04.2022 14:33:17 - zmde ( )> 250 CWD successful. "/unterschriften" is current directory.
(000003)01.04.2022 14:33:18 - zmde ( )> PASV
(000003)01.04.2022 14:33:18 - zmde ( )> 227 Entering Passive Mode (10,207,102,20,192,16)
(000003)01.04.2022 14:33:20 - zmde ( )> STOR 250122033146874.bmp
(000003)01.04.2022 14:33:20 - zmde ( )> 150 Opening data channel for file upload to server of "/unterschriften/250122033146874.bmp"
(000003)01.04.2022 14:33:22 - zmde ( )> 226 Successfully transferred "/unterschriften/250122033146874.bmp"
(000003)01.04.2022 14:33:22 - zmde ( )> PASV
(000003)01.04.2022 14:33:22 - zmde ( )> 227 Entering Passive Mode (10,207,102,20,192,17)
(000003)01.04.2022 14:33:24 - zmde ( )> RETR \unterschriften\250122033146874.bmp
(000003)01.04.2022 14:33:24 - zmde ( )> 150 Opening data channel for file download from server of "/unterschriften/250122033146874.bmp"
(000003)01.04.2022 14:33:24 - zmde ( )> 226 Successfully transferred "/unterschriften/250122033146874.bmp"
(000003)01.04.2022 14:33:32 - zmde ( )> QUIT
(000003)01.04.2022 14:33:32 - zmde ( )> 221 Goodbye
But with Version 1.3.0 we get Error 550 Invalid Filename, what's correct because the command itself is wrong.
As we can't change the old software and we didn't found any configuration in the new Version to allow such a behavior, we changed back to Version 0.9.43.
If it's a bug or a new feature I can't decide and I just wanted to let you know of this different behavior.
It was a decision made on purpose to disallow backslashes in paths if the server is running on windows, for security reasons.
Thanks for having spent the time to write the report, though.