[rtems commit] ftpd: Deal with too long command lines

Sebastian Huber sebh at rtems.org
Fri Nov 2 10:58:46 UTC 2018


Module:    rtems
Branch:    master
Commit:    8c3cd1e81bf29bb0a21ba3174a672fc85e162233
Changeset: http://git.rtems.org/rtems/commit/?id=8c3cd1e81bf29bb0a21ba3174a672fc85e162233

Author:    Sebastian Huber <sebastian.huber at embedded-brains.de>
Date:      Tue Oct 30 11:34:16 2018 +0100

ftpd: Deal with too long command lines

Update #3530.

---

 cpukit/ftpd/ftpd.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/cpukit/ftpd/ftpd.c b/cpukit/ftpd/ftpd.c
index eb87612..8aef440 100644
--- a/cpukit/ftpd/ftpd.c
+++ b/cpukit/ftpd/ftpd.c
@@ -1908,6 +1908,7 @@ session(rtems_task_argument arg)
       {
         char buf[FTPD_BUFSIZE];
         char *cmd, *opts, *args;
+        size_t len;
 
         if (fgets(buf, FTPD_BUFSIZE, info->ctrl_fp) == NULL)
         {
@@ -1915,6 +1916,25 @@ session(rtems_task_argument arg)
           break;
         }
 
+        len = strlen(buf);
+
+        if (len == 0)
+          continue;
+
+        if (buf[len - 1] != '\n')
+        {
+          send_reply(info, 501, "Command line too long.");
+
+          /*
+           * We could also try to continue here, however, discarding the rest
+           * of the current command line and figuring out when the next command
+           * starts with fgets() is not that easy.  It would be better to avoid
+           * the FILE stream and just use the socket directly with send() and
+           * recv().
+           */
+          break;
+        }
+
         split_command(buf, &cmd, &opts, &args);
 
         if (!strcmp("QUIT", cmd))



More information about the vc mailing list