Opened 20 years ago
Last modified 20 years ago
#1460 closed Patch
Fix for certain FTP clients sending PORT commands
| Reported by: | dartonw | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | Other |
| Keywords: | | Cc: | dartonw, Tim Kosse |
| Component version: | | Operating system type: | |
| Operating system version: | | | |
Description
Some FTP clients (CuteFTP is one, I believe) send leading zeros in the IP portion of the PORT command, e.g. "PORT 001,002,003,004,13,79". When an IP address in this format (001.002.003.004) is passed to inet_addr(), it is interpreted as octal. If 8 or 9 are present in the IP, inet_addr() returns INADDR_NONE, and the PORT command fails. This fix resolves that issue by converting each octet of the IP to int and back to char to strip leading zeros.
Attachments (1)
Change History (3)
by , 20 years ago
Attachment: ControlSocket.cpp.2.patch added
comment:1 by , 20 years ago
Applied heavily modified patch. Please make sure NOT to introduce buffer overflows: the size of the number passed to itoa wasn't checked. PORT 01234,0,0,0,0,0 did at best crash the entire server.
comment:2 by , 20 years ago
Good point. I didn't account for malicious intent by users sending literal commands.
inet_addr patch to ControlSocket.cpp
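The two issues raised in this ticket, leading-zero octets being read as octal by inet_addr() in the description and the unchecked field length fed to itoa in comment:1, are both avoided by parsing the PORT argument as plain decimal with a range check per field and never converting back through a fixed buffer without a bound. The following is an added example written for this page, not the attached patch or FileZilla Server's ControlSocket.cpp; parse_port_arg, parse_octet, format_dotted_quad and the sample inputs are all constructed here for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <arpa/inet.h>   /* inet_addr(), INADDR_NONE: used only in main() for comparison */

/* Parsed PORT argument: IPv4 address and port, both in host byte order. */
struct port_arg {
    uint32_t ip;
    uint16_t port;
};

/* Parse one decimal field (leading zeros allowed, value must be 0..255).
   Returns 1 on success and advances *pp past the digits. */
static int parse_octet(const char **pp, unsigned long *out)
{
    const char *p = *pp;
    char *end;
    unsigned long v;

    if (!isdigit((unsigned char)*p))
        return 0;                 /* rejects "", "-1", " 1", "+1", which strtoul would accept */
    errno = 0;
    v = strtoul(p, &end, 10);     /* base 10: "010" is ten, never octal eight */
    if (errno == ERANGE || v > 255)
        return 0;                 /* "01234" and arbitrarily long digit runs stop here */
    *out = v;
    *pp = end;
    return 1;
}

/* Parse "h1,h2,h3,h4,p1,p2" exactly; extra fields, signs, whitespace or
   trailing junk are rejected. Returns 1 on success. */
int parse_port_arg(const char *arg, struct port_arg *res)
{
    unsigned long f[6];
    const char *p = arg;
    int i;

    for (i = 0; i < 6; i++) {
        if (!parse_octet(&p, &f[i]))
            return 0;
        if (i < 5) {
            if (*p != ',')
                return 0;
            p++;
        }
    }
    if (*p != '\0')
        return 0;
    res->ip = (uint32_t)(f[0] << 24 | f[1] << 16 | f[2] << 8 | f[3]);
    res->port = (uint16_t)(f[4] << 8 | f[5]);
    return 1;
}

/* Canonical dotted quad with no leading zeros, produced with a bounded
   snprintf rather than itoa into a fixed buffer. Returns 1 only if it fit. */
int format_dotted_quad(uint32_t ip, char *buf, size_t len)
{
    int n = snprintf(buf, len, "%u.%u.%u.%u",
                     (unsigned)(ip >> 24) & 255u, (unsigned)(ip >> 16) & 255u,
                     (unsigned)(ip >> 8) & 255u, (unsigned)ip & 255u);
    return n > 0 && (size_t)n < len;
}

int main(void)
{
    /* Constructed inputs: the reporter's example, a case with an 8 that breaks
       octal parsing, the crash case from comment:1, and a short one. */
    const char *samples[] = {
        "001,002,003,004,13,79", "010,008,0,1,4,1", "01234,0,0,0,0,0", "1,2,3,4,5"
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct port_arg pa;
        char text[16];
        if (parse_port_arg(samples[i], &pa) && format_dotted_quad(pa.ip, text, sizeof text))
            printf("%-24s -> %s port %u\n", samples[i], text, (unsigned)pa.port);
        else
            printf("%-24s -> rejected\n", samples[i]);
    }
    /* For comparison: inet_addr() treats a leading 0 as an octal prefix, so
       "010.008.0.1" fails because 8 is not an octal digit. */
    printf("inet_addr(\"010.008.0.1\") == INADDR_NONE: %s\n",
           inet_addr("010.008.0.1") == INADDR_NONE ? "yes" : "no");
    return 0;
}
```

The decimal parse is what the patch's int-and-back conversion achieves; the added range check and the bounded snprintf are what comment:1 asks for, so an oversized field such as 01234 is refused before anything is written to a buffer.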