Bug 25243

Summary: ftp crashes in remotemodtime ().
Product: Base System
Reporter: fumis <fumis>
Component: bin
Assignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.2-STABLE   
Hardware: Any   
OS: Any   

Description fumis 2001-02-21 05:40:01 UTC
/usr/bin/ftp crashes after getting a file.

ftp> get foobar
local: foobar remote: foobar
227 Entering Passive Mode (***snip***)
150 Opening data connection for foobar (696075740 bytes).
100% |**************************************************|   663 MB    00:00 ETA
226 Transfer complete.
696075740 bytes received in 11999.42 seconds (56.65 KB/s)
Segmentation fault - core dumped

Fix: 

Braces required just after `if (fmt != NULL)' in remotemodtime ().
/usr/src/usr.bin/ftp/util.c, line 533
How-To-Repeat: Connect to ftpd which answers with less than 14 or more than 15 characters against `MDTM' request, and get some files.

Comment 1 Peter Pentchev 2001-02-21 06:55:45 UTC
On Tue, Feb 20, 2001 at 09:35:01PM -0800, fumis@bigfoot.com wrote:
> 
> >Number:         25243
> >Category:       bin
> >Synopsis:       ftp crashes in remotemodtime ().
> >Originator:     SHIMIZU Fumiyuki
> >Release:        4.2-STABLE
> >Organization:
> >Environment:
> FreeBSD ***snip*** 4.2-STABLE FreeBSD 4.2-STABLE #1: Tue Feb 20 14:01:10 JST 2001 ***snip***
> >Description:
> /usr/bin/ftp crashes after getting a file.
> 
> ftp> get foobar
> local: foobar remote: foobar
> 227 Entering Passive Mode (***snip***)
> 150 Opening data connection for foobar (696075740 bytes).
> 100% |**************************************************|   663 MB    00:00 ETA
> 226 Transfer complete.
> 696075740 bytes received in 11999.42 seconds (56.65 KB/s)
> Segmentation fault - core dumped
> 
> >How-To-Repeat:
> Connect to ftpd which answers with less than 14 or more than 15 characters against `MDTM' request, and get some files.
> 
> >Fix:
> Braces required just after `if (fmt != NULL)' in remotemodtime ().
> /usr/src/usr.bin/ftp/util.c, line 533

And the patch itself (trivial, yet needed indeed)..

G'luck,
Peter

-- 
"yields falsehood, when appended to its quotation." yields falsehood, when appended to its quotation.

Index: src/usr.bin/ftp/util.c
===================================================================
RCS file: /home/ncvs/src/usr.bin/ftp/util.c,v
retrieving revision 1.13
diff -u -r1.13 util.c
--- src/usr.bin/ftp/util.c	2000/05/22 17:18:38	1.13
+++ src/usr.bin/ftp/util.c	2001/02/21 06:52:52
@@ -529,7 +529,7 @@
 				y2kbug = 1;
 			} else if (len == 14)
 				fmt = "%04d%02d%02d%02d%02d%02d";
-			if (fmt != NULL)
+			if (fmt != NULL) {
 				memset(&timebuf, 0, sizeof(timebuf));
 				if (sscanf(mtbuf, fmt, &year, &month,
 				    &timebuf.tm_mday, &timebuf.tm_hour,
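Review bot: The brace added at `if (fmt != NULL) {` only protects the sscanf() call if fmt is still NULL whenever len matches neither branch, and that initialization is outside this hunk; please confirm fmt is set to NULL before the length checks on every call. The chain above it also mixes a braced branch (the one ending in `y2kbug = 1;`) with an unbraced `else if (len == 14)`, so bracing that branch as well would make the same slip harder to repeat.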
@@ -542,6 +542,7 @@
 						timebuf.tm_year = year - 1900;
 					rtime = mktime(&timebuf);
 				}
+			}
 		}
 		if (rtime == -1 && (noisy || debug != 0))
 			printf("Can't convert %s to a time.\n", mtbuf);
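Review bot: The `rtime == -1` test that follows the new closing brace reports an unrecognized-length reply only if rtime already holds -1 before the parsing block, which these lines do not show; please confirm that initialization, since replies of unexpected length now skip sscanf() and mktime() entirely. A short comment above `if (fmt != NULL) {` saying that unsupported MDTM lengths are deliberately left unparsed would document the intent. Separately, the printf() here echoes mtbuf, which is the server's reply, so it is worth checking that non-printable bytes are filtered before it reaches the terminal.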
Comment 2 Bruce Evans freebsd_committer freebsd_triage 2001-04-06 12:38:11 UTC
State Changed
From-To: open->closed

Fixed in: 
rev.1.14 (-current) 
rev.1.12.2.2 (RELENG_4) 
rev.1.6.2.3 (RELENG_3)
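
The failure mode in this report (an MDTM reply of unexpected length reaching sscanf() with no format selected) can be closed off by validating the reply before parsing. The following is an added example, not code from util.c or from the FreeBSD tree: parse_mdtm() is a hypothetical helper that handles only the 14-character form and does not model the 15-character variant the original code also accepts; the sample replies are constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/*
 * parse_mdtm() is a hypothetical helper, not code from util.c.
 * It accepts only the 14-character YYYYMMDDHHMMSS form and rejects every
 * other length before sscanf() runs. Returns 0 and fills *out, or -1.
 */
int parse_mdtm(const char *mtbuf, struct tm *out)
{
	int year, month;
	size_t i, len;

	if (mtbuf == NULL || out == NULL)
		return -1;
	len = strlen(mtbuf);
	if (len != 14)
		return -1;	/* unexpected reply length: refuse to parse */
	for (i = 0; i < len; i++)
		if (!isdigit((unsigned char)mtbuf[i]))
			return -1;	/* %d alone would accept signs and spaces */
	memset(out, 0, sizeof(*out));
	if (sscanf(mtbuf, "%04d%02d%02d%02d%02d%02d", &year, &month,
	    &out->tm_mday, &out->tm_hour, &out->tm_min, &out->tm_sec) != 6)
		return -1;
	if (year < 1900 || month < 1 || month > 12 || out->tm_mday < 1 ||
	    out->tm_mday > 31 || out->tm_hour > 23 || out->tm_min > 59 ||
	    out->tm_sec > 60)
		return -1;	/* field out of range for struct tm */
	out->tm_year = year - 1900;
	out->tm_mon = month - 1;
	return 0;
}

int main(void)
{
	/* Constructed replies: valid, too short, too long, non-digit. */
	const char *samples[] = { "20010221054001", "2001022105",
	    "2001022105400100", "2001-02-21 054" };
	struct tm tm;
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("%-18s -> %s\n", samples[i],
		    parse_mdtm(samples[i], &tm) == 0 ? "ok" : "rejected");
	return 0;
}
```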