From 4721396b1df8b77895c0124ad978ed50298df17a Mon Sep 17 00:00:00 2001 From: des Date: Fri, 19 May 2000 09:45:42 +0000 Subject: Better handling of some boundary conditions. Submitted by: ume --- lib/libfetch/ftp.c | 11 +++++++---- lib/libfetch/http.c | 2 ++ 2 files changed, 9 insertions(+), 4 deletions(-) (limited to 'lib') diff --git a/lib/libfetch/ftp.c b/lib/libfetch/ftp.c index fab45f5..9eb052d 100644 --- a/lib/libfetch/ftp.c +++ b/lib/libfetch/ftp.c @@ -100,7 +100,8 @@ static size_t lr_size, lr_length; static int last_code; #define isftpreply(foo) (isdigit(foo[0]) && isdigit(foo[1]) \ - && isdigit(foo[2]) && foo[3] == ' ') + && isdigit(foo[2]) \ + && (foo[3] == ' ' || foo[3] == '\0')) #define isftpinfo(foo) (isdigit(foo[0]) && isdigit(foo[1]) \ && isdigit(foo[2]) && foo[3] == '-') @@ -238,11 +239,13 @@ _ftp_transfer(int cd, char *oper, char *file, * is IMHO the one and only weak point in the FTP protocol. */ ln = last_reply; - for (p = ln + 3; !isdigit(*p); p++) + for (p = ln + 3; *p && !isdigit(*p); p++) /* nothing */ ; - for (p--, i = 0; i < 6; i++) { - p++; /* skip the comma */ + for (i = 0; *p, i < 6; i++, p++) addr[i] = strtol(p, &p, 10); + if (i < 6) { + e = 999; + goto ouch; } /* seek to required offset */ diff --git a/lib/libfetch/http.c b/lib/libfetch/http.c index a395881..a61ef9a 100644 --- a/lib/libfetch/http.c +++ b/lib/libfetch/http.c @@ -135,6 +135,8 @@ _http_fillbuf(struct cookie *c) } else if (c->encoding == ENC_CHUNKED) { if (c->chunksize == 0) { ln = fgetln(c->real_f, &len); + if (len <= 2) + return NULL; DEBUG(fprintf(stderr, "\033[1m_http_fillbuf(): new chunk: " "%*.*s\033[m\n", (int)len-2, (int)len-2, ln)); sscanf(ln, "%x", &(c->chunksize)); -- cgit v1.1