Skip Menu |
 

ftp "get" and "mget" commands treat "-" and "|foo..." specially. If get
is given only one argument, or if mget is used, and if the server
filename is "-" or starts with "|", the results will probably not be
what was intended.

Cf. CERT VU 258721, http://www.kb.cert.org/vuls/id/258721 .

Version 1.2.7 is vulnerable. Patch recommended for 1.2.7, as well as
fixing for 1.3.
From: raeburn@mit.edu
Subject: CVS Commit
* ftp.c (recvrequest): Add new argument indicating whether "-" and "|..."
special treatment should be disabled.
* ftp_var.h (recvrequest): Update declaration.
* cmds.c (remglob, ls, mls): Pass 0 as the extra argument.
(mget): Pass 1.
(getit): Pass 1 iff only one filename was supplied.


To generate a diff of this commit:



cvs diff -r1.74 -r1.75 krb5/src/appl/gssftp/ftp/ChangeLog
cvs diff -r1.22 -r1.23 krb5/src/appl/gssftp/ftp/cmds.c
cvs diff -r1.35 -r1.36 krb5/src/appl/gssftp/ftp/ftp.c
cvs diff -r1.14 -r1.15 krb5/src/appl/gssftp/ftp/ftp_var.h
I believe the current patches are sufficient for 1.3.

There are some potential issues with mput, but I think they're much
lower priority, not important for 1.3. I'll open a new ticket for them.
From: tlyu@mit.edu
Subject: CVS Commit
pullup from trunk


To generate a diff of this commit:



cvs diff -r1.73.2.1 -r1.73.2.2 krb5/src/appl/gssftp/ftp/ChangeLog
cvs diff -r1.22 -r1.22.2.1 krb5/src/appl/gssftp/ftp/cmds.c
cvs diff -r1.35 -r1.35.2.1 krb5/src/appl/gssftp/ftp/ftp.c
cvs diff -r1.14 -r1.14.2.1 krb5/src/appl/gssftp/ftp/ftp_var.h