[Bug 1511] New: ftpd: RETR of a directory should fail

bugzilla-daemon at rtems.org bugzilla-daemon at rtems.org
Thu May 6 11:21:47 UTC 2010


https://www.rtems.org/bugzilla/show_bug.cgi?id=1511

           Summary: ftpd: RETR of a directory should fail
           Product: RTEMS
           Version: 4.10
          Platform: All
        OS/Version: RTEMS
            Status: NEW
          Severity: normal
          Priority: P3
         Component: networking
        AssignedTo: norume at aps.anl.gov
        ReportedBy: sebastian.huber at embedded-brains.de


Reported via the mailing list by Arnout Vandecappelle <arnout at mind.be>:

When an FTP client performs a RETR of a directory, ftpd will
blindly open() the directory and send its contents.  This results
in a binary blob being sent to the client.  Mozilla (among others)
always tries a RETR on a path before listing it; if the RETR doesn't
fail, you'll see the binary contents instead of the directory list.

This patch makes sure that RETR fails if the given path is a
directory.

Signed-off-by: Arnout Vandecappelle <arnout at mind.be>

---
 src/cpukit/ftpd/ftpd.c |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/src/cpukit/ftpd/ftpd.c b/src/cpukit/ftpd/ftpd.c
index d10aad3..dc84e3a 100644
--- a/src/cpukit/ftpd/ftpd.c
+++ b/src/cpukit/ftpd/ftpd.c
@@ -795,6 +795,7 @@ command_retrieve(FTPD_SessionInfo_t  *info, char const 
*filename)
   int                 s = -1;
   int                 fd = -1;
   char                buf[FTPD_DATASIZE];
+  struct stat         stat_buf;
   int                 res = 0;

   if(!can_read())
@@ -809,6 +810,12 @@ command_retrieve(FTPD_SessionInfo_t  *info, char const 
*filename)
     return;
   }

+  if (fstat(fd, &stat_buf) == 0 && S_ISDIR(stat_buf.st_mode))
+  {
+    send_reply(info, 550, "Is a directory.");
+    return;
+  }
+
   send_mode_reply(info);

   s = data_socket(info);
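Review bot: The early return in the added S_ISDIR branch leaves fd open. The check runs fstat(fd, &stat_buf) on a descriptor that open() has already returned, then replies 550 and returns without a close(fd), so every RETR of a directory costs one descriptor. On a target with a small descriptor table, repeated requests of this kind would eventually leave ftpd unable to open files. Suggest adding close(fd) before send_reply(info, 550, "Is a directory."), or routing this branch through whatever cleanup the function already performs at its end. Separately, when fstat() itself fails the condition is false and the transfer goes ahead; failing the RETR in that case would be the safer default.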
-- tg: (74d876d..) t/ftpd_no_retr_dir (depends on: rtems-4.10pre-cvs)
