right?
2017-10-23 4:58 GMT-03:00 Tim Rühsen <tim.rueh...@gmx.de>:
> Hi Rodgger,
>
> thanks for your contribution !
>
> Could you please amend a few things !?
>
>
> Not compilable here:
> > if (tok_len < 12) && (strchr( tok, '-') != NULL))
>
>
> If you are about to touch the code, please also add a space where it is
> missing (between tok and +):
> > *(tok+ (tok_len - 4)) = '\0'; /* Discard ".DIR". */
>
>
> And there seems to be two buffer underflow issues in the old code.
> Please consider fixing it as well:
>
> > if (!c_strncasecmp((tok + (tok_len - 4)), ".DIR", 4))
>
> > else if (!c_strncasecmp ((tok + (tok_len - 6)), ".DIR;1", 6))
>
> Should be like
>
> > if ((tok_len >= 4) && !c_strncasecmp((tok + (tok_len - 4)),
> ".DIR", 4))
>
> > else if ((tok_len >= 6) && !c_strncasecmp ((tok + (tok_len - 6)),
> ".DIR;1", 6))
>
>
> Please amend the commit message to GNU style (One brief descriptive
> line, empty line, listing all file/function + a more detailed
> description). The sign-off is ok, but not needed.
>
>
> With Best Regards, Tim
>
>
From 58ec4b8aeca0a724eb2200950846c79501dc4dd6 Mon Sep 17 00:00:00 2001
From: Rodgger Bruno <rodggerbr...@gmail.com>
Date: Tue, 24 Oct 2017 19:00:14 -0300
Subject: [PATCH] add tok_len to strlen. strlen only once *
src/ftp-ls.c (ftp_parse_vms_ls): strlen for tok_len and buffer overflow
---
src/ftp-ls.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/src/ftp-ls.c b/src/ftp-ls.c
index 27addd45..8f67e636 100644
--- a/src/ftp-ls.c
+++ b/src/ftp-ls.c
@@ -682,9 +682,9 @@ static struct fileinfo *
ftp_parse_vms_ls (const char *file)
{
FILE *fp;
- int dt, i, j, len;
+ int dt, i, j;
int perms;
- size_t bufsize = 0;
+ size_t bufsize = 0, tok_len;
time_t timenow;
struct tm *timestruct;
char date_str[ 32];
@@ -776,17 +776,17 @@ ftp_parse_vms_ls (const char *file)
".DIR;1" file type and version number, as the plain name is
what will work in a CWD command.
*/
- len = strlen (tok);
- if (!c_strncasecmp((tok + (len - 4)), ".DIR", 4))
+ tok_len = strlen (tok);
+ if (tok_len <= 4 && c_strncasecmp((tok + (tok_len - 4)), ".DIR", 4))
{
- *(tok+ (len - 4)) = '\0'; /* Discard ".DIR". */
+ *(tok+ (tok_len - 4)) = '\0'; /* Discard ".DIR". */
cur.type = FT_DIRECTORY;
cur.perms = VMS_DEFAULT_PROT_DIR;
DEBUGP (("Directory (nv)\n"));
}
- else if (!c_strncasecmp ((tok + (len - 6)), ".DIR;1", 6))
+ else if (tok_len <= 6 && c_strncasecmp ((tok + (tok_len - 6)), ".DIR;1", 6))
{
- *(tok+ (len - 6)) = '\0'; /* Discard ".DIR;1". */
+ *(tok+ (tok_len - 6)) = '\0'; /* Discard ".DIR;1". */
cur.type = FT_DIRECTORY;
cur.perms = VMS_DEFAULT_PROT_DIR;
DEBUGP (("Directory (v)\n"));
@@ -871,14 +871,16 @@ ftp_parse_vms_ls (const char *file)
{
DEBUGP (("Token: >%s<: ", tok));
- if ((strlen (tok) < 12) && (strchr( tok, '-') != NULL))
+ tok_len = strlen (tok);
+
+ if ((tok_len < 12) && (strchr( tok, '-') != NULL))
{
/* Date. */
DEBUGP (("Date.\n"));
strcpy( date_str, tok);
strcat( date_str, " ");
}
- else if ((strlen (tok) < 12) && (strchr( tok, ':') != NULL))
+ else if ((tok_len < 12) && (strchr( tok, ':') != NULL))
{
/* Time. */
DEBUGP (("Time. "));
@@ -898,7 +900,7 @@ ftp_parse_vms_ls (const char *file)
perms = 0;
j = 0;
/*FIXME: Should not be using the variable like this. */
- for (i = 0; i < (int) strlen(tok); i++)
+ for (i = 0; i < tok_len; i++)
{
switch (tok[ i])
{
--
2.11.0
