Bug 18410

Summary: Virtual hosts support broken in ftpd
Product: Base System Reporter: alexk <alexk>
Component: binAssignee: Yar Tikhiy <yar>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.0-STABLE   
Hardware: Any   
OS: Any   

Description alexk 2000-05-07 09:10:14 UTC 
 
 Virtual hosts support in ftpd is broken.
 ftpd.c, version 1.62, use strtok() multiple times on single line
 trying to build list of aliases for each virtual host described
 in /etc/ftphosts. Under some circumstances this leads to wrong
 actions (like chroot) effectively breaking ftp access.

Fix: 

The really quick and dirty patch is below:
 
 --- /usr/src/libexec/ftpd/ftpd.c	Thu Feb 10 22:51:30 2000
 +++ ftpd.c	Sat May  6 19:10:19 2000
 @@ -370,7 +370,6 @@
  			break;
  		}
  	}
 -
  #ifdef VIRTUAL_HOSTING
  	inithosts();
  #endif
 @@ -617,7 +616,7 @@
  	FILE *fp;
  	char *cp;
  	struct ftphost *hrp, *lhrp;
 -	char line[1024];
 +	char line[1024], l1[1024];
  	struct addrinfo hints, *res, *ai;
  
  	/*
 @@ -658,7 +657,8 @@
  				continue;
  			}
  			*cp = '\0';
 -			cp = strtok(line, " \t");
 +			strncpy(l1, line, sizeof(line)-1); l1[sizeof(l1)-1]='\0';
 +			cp = strtok(l1, " \t");
  			/* skip comments and empty lines */
  			if (cp == NULL || line[0] == '#')
  				continue;
 @@ -761,7 +761,8 @@
  				++i;
  			}
  			/* XXX: re-initialization for getaddrinfo() loop */
 -			cp = strtok(line, " \t");
 +			strncpy(l1, line, sizeof(line)-1); l1[sizeof(l1)-1]='\0';
 +			cp = strtok(l1, " \t");
  		      }
  		}
  		(void) fclose(fp);
How-To-Repeat:  
 We have ftpd made without INET6 option and also kernel without INET6
 support. getaddrinfo() in this environment returns two elements for
 each address.
Comment 1 Steve Price freebsd_committer freebsd_triage 2000-05-07 15:12:21 UTC 
State Changed
From-To: open->closed

Followup to another PR.
Comment 2 Steve Price freebsd_committer freebsd_triage 2000-05-14 21:08:39 UTC 
State Changed
From-To: closed->open

Oops.  I didn't mean to close this one.  It definitely isn't a 
followup to another PR, but rather a new PR altogether including 
a patch. :)
Comment 3 Steve Price freebsd_committer freebsd_triage 2000-05-14 21:08:39 UTC 
Responsible Changed
From-To: gnats-admin->freebsd-bugs

Misfiled PR.
Comment 4 Yar Tikhiy freebsd_committer freebsd_triage 2002-07-16 17:31:08 UTC 
State Changed
From-To: open->patched

A more elaborate fix committed to CURRENT.
Comment 5 Yar Tikhiy freebsd_committer freebsd_triage 2002-07-16 17:31:08 UTC 
Responsible Changed
From-To: freebsd-bugs->yar

MFC reminder.
Comment 6 Yar Tikhiy freebsd_committer freebsd_triage 2002-09-03 12:01:32 UTC 
State Changed
From-To: patched->closed

The bug has been fixed in -STABLE as well.