https://issues.apache.org/bugzilla/show_bug.cgi?id=51412
Bug #: 51412
Summary: Nasty warning in ftp_cmd_pbsz() -- dangerous, where
long is not the same as int
Product: Apache httpd-2
Version: 2.2.15
Platform: PC
OS/Version: FreeBSD
Status: NEW
Severity: normal
Priority: P2
Component: mod_ftp
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
Created attachment 27190
--> https://issues.apache.org/bugzilla/attachment.cgi?id=27190
Properly parse buffer-size
Building the module on my 64-bit machine, I get the following warning:
ftp_commands.c:1694: warning: comparison is always false due to limited range
of data type
Indeed, although ftp_connection's pbsz field is of type int, it is compared to
LONG_MAX.
The attached patch uses a private long variable to check the value supplied by
the client. Only if the value is positive and below INT_MAX is it assigned to
fc->pbsz.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
