diff options
author | simon <simon@FreeBSD.org> | 2009-01-07 20:17:55 +0000 |
---|---|---|
committer | simon <simon@FreeBSD.org> | 2009-01-07 20:17:55 +0000 |
commit | abe6016909259942e4406e3f1ad00457ed92ad7b (patch) | |
tree | 35047b128f79f0cc0e19f739b1989b690c953007 /contrib/lukemftpd/src/ftpd.c | |
parent | ef24bb1a20fff74f45c2d0daf8a10d11d47251a4 (diff) | |
download | FreeBSD-src-abe6016909259942e4406e3f1ad00457ed92ad7b.zip FreeBSD-src-abe6016909259942e4406e3f1ad00457ed92ad7b.tar.gz |
Prevent cross-site forgery attacks on lukemftpd(8) due to splitting
long commands into multiple requests. [09:01]
Fix incorrect OpenSSL checks for malformed signatures due to invalid
check of return value from EVP_VerifyFinal(), DSA_verify, and
DSA_do_verify. [09:02]
Security: FreeBSD-SA-09:01.lukemftpd
Security: FreeBSD-SA-09:02.openssl
Obtained from: NetBSD [SA-09:01]
Obtained from: OpenSSL Project [SA-09:02]
Approved by: so (simon)
Diffstat (limited to 'contrib/lukemftpd/src/ftpd.c')
-rw-r--r-- | contrib/lukemftpd/src/ftpd.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/contrib/lukemftpd/src/ftpd.c b/contrib/lukemftpd/src/ftpd.c index 50a8854..afdd517 100644 --- a/contrib/lukemftpd/src/ftpd.c +++ b/contrib/lukemftpd/src/ftpd.c @@ -1,4 +1,4 @@ -/* $NetBSD: ftpd.c,v 1.176 2006/05/09 20:18:06 mrg Exp $ */ +/* $NetBSD: ftpd.c,v 1.187 2008/09/13 03:30:35 lukem Exp $ */ /* * Copyright (c) 1997-2004 The NetBSD Foundation, Inc. @@ -2896,6 +2896,7 @@ static int handleoobcmd() { char *cp; + int ret; if (!urgflag) return (0); @@ -2904,9 +2905,14 @@ handleoobcmd() if (!transflag) return (0); cp = tmpline; - if (getline(cp, sizeof(tmpline), stdin) == NULL) { + ret = getline(cp, sizeof(tmpline)-1, stdin); + if (ret == -1) { reply(221, "You could at least say goodbye."); dologout(0); + } else if (ret == -2) { + /* Ignore truncated command */ + /* XXX: abort xfer with "500 command too long", & return 1 ? */ + return 0; } /* * Manually parse OOB commands, because we can't |