From zacheiss@MIT.EDU Mon Apr 9 23:34:46 2001
Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.72.0.53])
by rt-11.mit.edu (8.9.3/8.9.3) with ESMTP id XAA17872
for <bugs@RT-11.mit.edu>; Mon, 9 Apr 2001 23:34:46 -0400 (EDT)
Received: from sweet-transvestite.mit.edu (SWEET-TRANSVESTITE.MIT.EDU [18.18.1.157])
by fort-point-station.mit.edu (8.9.2/8.9.2) with ESMTP id XAA05211;
Mon, 9 Apr 2001 23:34:45 -0400 (EDT)
Received: (from zacheiss@localhost) by sweet-transvestite.mit.edu (8.9.3)
id XAA08561; Mon, 9 Apr 2001 23:34:45 -0400 (EDT)
Message-Id: <200104100334.XAA08561@sweet-transvestite.mit.edu>
Date: Mon, 9 Apr 2001 23:34:45 -0400 (EDT)
From: zacheiss@MIT.EDU
Reply-To: zacheiss@MIT.EDU
To: krb5-bugs@MIT.EDU
Cc: zacheiss@MIT.EDU
Subject: bug in krb5 ftp client
X-Send-Pr-Version: 3.99

>Number: 938
>Category: krb5-appl
>Synopsis: ftp client won't allow connections to ports higher than 32767
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: raeburn
>State: feedback
>Class: sw-bug
>Submitter-Id: unknown
>Arrival-Date: Mon Apr 9 23:35:01 EDT 2001
>Last-Modified: Tue May 1 19:31:01 EDT 2001
>Originator: Garry Zacheiss
>Organization:
Garry Zacheiss
>Release: krb5-1.1.1
>Environment:

System: SunOS sweet-transvestite.mit.edu 5.7 Generic_106541-09 sun4u sparc SUNW,Ultra-5_10
Architecture: sun4

>Description:
Attempting to use the krb5 ftp client to connect to a port
higher than 32767 results in:

[zacheiss@sweet-transvestite] ~$ ftp localhost 32768
localhost: bad port number-- 32768
usage: ftp host-name [port]
ftp>

>How-To-Repeat:
Use the krb5 ftp client to connect to an ftp server running on a
port higher than 32767.
>Fix:
setpeer() in krb5/src/appl/gssftp/ftp/cmds.c declares the
variable port to be a short. It should be an unsigned short;
see the enclosed patch.

--- cmds.c 1999/10/07 02:42:44 1.4
+++ cmds.c 2001/04/09 20:14:16 1.5
@@ -126,7 +126,7 @@
char *argv[];
{
char *host, *hookup();
- short port;
+ unsigned short port;

if (connected) {
printf("Already connected to %s, use close first.\n",
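
Review bot: the `unsigned short port;` declaration in setpeer() makes ports 32768 to 65535 representable, but nothing visible in this hunk rejects a value above 65535 before it is stored in the 16-bit variable, so such input could be narrowed into the valid range instead of producing the "bad port number" error. Consider converting the argument into a wider integer type, checking that it lies between 1 and 65535, and only then assigning it to `port`.
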
>Audit-Trail:

State-Changed-From-To: open-feedback
State-Changed-By: raeburn
State-Changed-When: Tue May 1 19:28:28 2001
State-Changed-Why:

I put this patch into 1.3, but also extended the port-number checks to
explicitly check the range better, instead of letting overflow bring
the supplied number back into the range of this variable's type.

Responsible-Changed-From-To: krb5-unassigned->raeburn
Responsible-Changed-By: raeburn
Responsible-Changed-When: Tue May 1 19:30:59 2001
Responsible-Changed-Why:
I took it.


>Unformatted:
closing; fixed in krb5-1.2.3
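
The audit trail above contrasts an explicit range check with letting overflow bring the number back into range. The following is an added example, not code from krb5 or from this ticket; the function names and the atoi()-based parsing are assumptions used to model the behavior, and the inputs in main() are constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed model of the reported symptom: atoi() narrowed into a
 * signed 16-bit variable. Narrowing an out-of-range int to short is
 * implementation-defined; gcc and clang wrap modulo 2^16. */
static int parse_port_short(const char *s)
{
    short port = (short)atoi(s);
    return port > 0 ? port : -1;      /* "32768" wraps to -32768 */
}

/* Same model with the patched type: 32768..65535 now work, but larger
 * inputs silently wrap back into range ("65557" becomes 21). */
static int parse_port_ushort(const char *s)
{
    unsigned short port = (unsigned short)atoi(s);
    return port > 0 ? port : -1;
}

/* Range-checked version: parse into a long, validate, then narrow. */
static int parse_port_checked(const char *s, unsigned short *out)
{
    char *end;
    long v;

    errno = 0;
    v = strtol(s, &end, 10);
    if (end == s || *end != '\0' || errno == ERANGE)
        return -1;                    /* empty, trailing junk, overflow */
    if (v < 1 || v > 65535)
        return -1;                    /* outside the TCP port range */
    *out = (unsigned short)v;
    return 0;
}

int main(void)
{
    const char *in[] = { "21", "32768", "65535", "65557", "0", "21x" };
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++) {
        unsigned short p = 0;
        int ok = parse_port_checked(in[i], &p) == 0;
        printf("%-6s short=%6d ushort=%6d checked=%s\n", in[i],
               parse_port_short(in[i]), parse_port_ushort(in[i]),
               ok ? "ok" : "rejected");
    }
    return 0;
}
```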