Disallow invalid numeric mode values for SITE CHMOD.

Earlier, a decimal number (e.g., 890) could be passed for mode, leading to dangerous permissions set: -1, that is, 07777. Obtained from: OpenBSD MFC after: 1 week
author: yar <yar@FreeBSD.org> 2002-08-05 14:10:57 +0000
committer: yar <yar@FreeBSD.org> 2002-08-05 14:10:57 +0000
commit: 09fb3e817b683faeae6544e087e61c3db48565d6 (patch)
tree: b8f78605a714bcd5cff6a89cc40c749d3911ad7d /libexec
parent: 87d654b4a49cf0b409a82cd4fb373217b9a81977 (diff)
download: FreeBSD-src-09fb3e817b683faeae6544e087e61c3db48565d6.zip
FreeBSD-src-09fb3e817b683faeae6544e087e61c3db48565d6.tar.gz
1 files changed, 2 insertions, 3 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y
index d7ffc73..2284f02 100644
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@@ -647,9 +647,8 @@ cmd
 	| SITE SP CHMOD check_login_ro SP octal_number SP pathname CRLF
 		{
 			if ($4 && ($8 != NULL)) {
-				if ($6 > 0777)
-					reply(501,
-				"CHMOD: Mode value must be between 0 and 0777");
+				if (($6 == -1 ) || ($6 > 0777))
+					reply(501, "Bad mode value");
 				else if (chmod($8, $6) < 0)
 					perror_reply(550, $8);
 				else
author	yar <yar@FreeBSD.org>	2002-08-05 14:10:57 +0000
committer	yar <yar@FreeBSD.org>	2002-08-05 14:10:57 +0000
commit	09fb3e817b683faeae6544e087e61c3db48565d6 (patch)
tree	b8f78605a714bcd5cff6a89cc40c749d3911ad7d /libexec
parent	87d654b4a49cf0b409a82cd4fb373217b9a81977 (diff)
download	FreeBSD-src-09fb3e817b683faeae6544e087e61c3db48565d6.zip FreeBSD-src-09fb3e817b683faeae6544e087e61c3db48565d6.tar.gz