Date: Sat, 7 Feb 1998 23:20:01 -0800 (PST) From: Bruce Evans <bde@zeta.org.au> To: freebsd-bugs Subject: Re: bin/5679: ftp does not understand 'site' correctly Message-ID: <199802080720.XAA12816@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/5679; it has been noted by GNATS.
From: Bruce Evans <bde@zeta.org.au>
To: freebsd-gnats-submit@FreeBSD.ORG, mzaki@e-mail.ne.jp
Cc: Subject: Re: bin/5679: ftp does not understand 'site' correctly
Date: Sun, 8 Feb 1998 18:10:46 +1100
>>Fix:
>--- /usr/src/usr.bin/ftp/cmds.c Fri Feb 6 02:32:24 1998
>+++ cmds.c Wed Jan 28 03:42:11 1998
>@@ -1460,7 +1460,7 @@
> for (i = 2; i < argc && len < sizeof(buf); i++) {
^ add ` - 1'
> buf[len++] = ' ';
> len += strlen(strncpy(&buf[len], argv[i],
>- sizeof(buf) - len) - 1);
>+ sizeof(buf) - len - 1));
> }
> }
> if (command(buf) == PRELIM) {
The bounds checking is broken too. When len is initially sizeof(buf) - 1,
the size passed to strncpy() is (size_t)-1 (essentially infinity).
Bruce
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802080720.XAA12816>