Bug 16938

Summary: FTP does not fully parse ftp:// URLs
Product: Base System
Reporter: kientzle
Component: misc
Assignee: Ceri Davies <ceri>
Status: Closed FIXED
Severity: Affects Only Me
Priority: Normal
Version: 3.3-RELEASE
Hardware: Any
OS: Any

Description kientzle 2000-02-23 18:40:01 UTC
FTP does not decode %XX escapes occurring within
username or password portions of ftp: URLs as specified
in RFC 1738.  These escapes are necessary if the username or
password contains a :, @, or / character.

Example: to represent a password of 'p@ssword', you must write
ftp://user:p%40ssword@host.domain.com/

FYI, fetch and ncftpget both handle this correctly.
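
The rule described in the report, as an added example in C (not part of the original report and not FreeBSD's ftp(1) code): split the userinfo at the raw `@` and `:` first, then decode each field, so an escaped delimiter stays data. The names pct_decode and split_userinfo are hypothetical, and rejecting escapes that decode to control bytes is a choice made here, not something the report asks for.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers for illustration; not ftp(1)'s own code.
 * Decode %XX escapes in place. Returns 0 on success, -1 on a malformed
 * escape or one that decodes to a control byte (NUL, CR, LF, ...).
 * On -1 the buffer may be partly rewritten and must not be used. */
static int pct_decode(char *s)
{
    char *out = s;
    for (; *s != '\0'; s++) {
        unsigned char c = (unsigned char)*s;
        if (c == '%') {
            char hex[3] = { s[1], s[1] ? s[2] : '\0', '\0' };
            if (!isxdigit((unsigned char)hex[0]) || !isxdigit((unsigned char)hex[1]))
                return -1;
            c = (unsigned char)strtol(hex, NULL, 16);
            if (c < 0x20 || c == 0x7f)
                return -1;
            s += 2;     /* skip both digits: a decoded '%' is never re-read */
        }
        *out++ = (char)c;
    }
    *out = '\0';
    return 0;
}

/* url is the text after "ftp://" and is modified in place.
 * Without an '@' in the authority, *user and *pass are left NULL. */
int split_userinfo(char *url, char **user, char **pass, char **rest)
{
    char *colon, *at = memchr(url, '@', strcspn(url, "/"));
    *user = *pass = NULL;
    *rest = url;
    if (at == NULL)
        return 0;
    *at = '\0';
    *user = url;
    *rest = at + 1;
    if ((colon = strchr(url, ':')) != NULL) {
        *colon = '\0';
        *pass = colon + 1;
    }
    if (pct_decode(*user) == -1 || (*pass != NULL && pct_decode(*pass) == -1))
        return -1;
    return 0;
}
```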
Comment 1 Garrett A. Wollman 2000-02-23 18:51:52 UTC
<<On Wed, 23 Feb 2000 10:33:49 -0800 (PST), kientzle@acm.org said:

>> Synopsis:       FTP does not fully parse ftp:// URLs

The fact that ftp(1) knows anything at all about URIs is a bug
(imported from another *BSD).

-GAWollman

--
Garrett A. Wollman   | O Siem / We are all family / O Siem / We're all the same
wollman@lcs.mit.edu  | O Siem / The fires of freedom 
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA|                     - Susan Aglukark and Chad Irschick
Comment 2 Pierre-Paul Lavoie 2001-12-31 05:25:17 UTC
Here is a patch that worked for me:


--- fetch.c	Mon Dec 31 01:05:01 2001
+++ /fetch-patch.c	Mon Dec 31 01:04:51 2001
@@ -88,6 +88,33 @@
 jmp_buf	httpabort;
 
 /*
+ * Decode the %XX escapes in the string.
+ * return -1 on failure, 0 on success
+ */
+static int
+url_decode(str)
+	char *str;
+{
+	char v[3] = "XX";
+	char *vp;
+
+	if (str == NULL)
+		return 0;
+
+	while ( (str = strchr(str, '%')) != NULL)
+	{
+		if (isxdigit(*(str+1)) == 0 || isxdigit(*(str+2)) == 0)
+			return -1;
+
+		v[0] = *(str+1);
+		v[1] = *(str+2);
+		*str = (char)strtol(v, &vp, 16);
+		memmove(str+1, str+3, strlen(str+3) + 1);
+	}
+	return 0;
+}
+
+/*
  * Retrieve URL, via the proxy in $proxyvar if necessary.
  * Modifies the string argument given.
  * Returns -1 on failure, 0 on success
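Review bot: In url_decode(), the while loop never advances str past the byte it has just written, so when an escape decodes to '%' (%25) the next strchr(str, '%') finds that same byte and treats the two characters after it as another escape: "%2541" ends up as "A", and "100%25" returns -1 because a NUL follows the decoded '%'. Add str++ after the memmove(). Two smaller points in the same function: isxdigit() is passed a plain char and should get an (unsigned char) cast, and %00 decodes to a NUL that silently truncates the string, so it would be safer to return -1 for it.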
@@ -160,6 +187,12 @@
 		goto cleanup_url_get;
 	}
 
+	if (url_decode(path) == -1 || url_decode(savefile) == -1)
+	{
+		warnx("Invalid URL (invalid encoding): %s", origline);
+		goto cleanup_url_get;
+	}
+
 	if (proxyenv != NULL) {				/* use proxy */
 		proxy = strdup(proxyenv);
 		if (proxy == NULL)
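Review bot: url_decode(savefile) in the added check lets %2F turn into '/' inside savefile; if that string is later used as the local output name, it is no longer guaranteed to be a single path component, so check the decoded name for '/' before using it. The opening brace on its own line also differs from the "if (proxyenv != NULL) {" style used directly below.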
@@ -589,6 +622,10 @@
 				dir = NULL;
 			}
 		}
+		if (url_decode(user) == -1 || url_decode(pass) == -1 || 
+							url_decode(dir) == -1 || url_decode(file) == -1)
+			goto bad_ftp_url;
+
 		if (debug)
 			printf("user %s:%s host %s port %s dir %s file %s\n",
 			    user, pass, host, portnum, dir, file);
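Review bot: The check before "goto bad_ftp_url" accepts any well-formed %XX, so user, pass, dir and file can come out containing CR or LF (%0D, %0A); for fields taken from an ftp URL it is worth rejecting any decoded byte below 0x20 here. dir is also decoded as a single string, so an escaped %2F can no longer be told apart from a real separator afterwards. The continuation line's indentation and the trailing blank after the third "||" need tidying.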
Comment 3 Johan Karlsson freebsd_committer freebsd_triage 2002-08-22 19:11:59 UTC
State Changed
From-To: open->feedback

Is this still a problem in a more recent version of
FreeBSD, say 4.6-RELEASE?

Please follow up by sending a mail to
freebsd-gnats-submit@FreeBSD.org 
with the subject of this mail intact.
Comment 4 Ceri Davies freebsd_committer freebsd_triage 2003-06-08 19:00:46 UTC
State Changed
From-To: feedback->closed

Feedback timeout (6 months or more). 
I will handle any feedback that this closure generates. 


Comment 5 Ceri Davies freebsd_committer freebsd_triage 2003-06-08 19:00:46 UTC
Responsible Changed
From-To: freebsd-bugs->ceri

Feedback timeout (6 months or more). 
I will handle any feedback that this closure generates.