At 20:05 on Friday 5 November 2004, Ulf Härnhammar wrote:
> Hello,
>
> I have found that it's possible for a malicious FTP server to crash GNU
> Wget by sending malformed directory listings. Wget will parse them without
> checking if they are written in the proper format. It will do a fixed
> number of strtok() calls and then atoi() calls, and with the wrong format,
> atoi() will dereference NULL, leading to a crash.
>
> This affects 1.9.1, the latest CVS version and some older stable versions.
>
> I have attached a patch against 1.9.1 that will correct this, and a little
> fake FTP server that exhibits this problem when Wget connects to it. The
> server should be started from inetd or xinetd. My inetd.conf line looks
> like this:
>
> ftp stream tcp nowait metaur /usr/bin/perl perl /path/to/wget-crasher.pl

thank you very much, ulf. i will investigate the problem and the patch you've sent us.

-- 
Aequam memento rebus in arduis servare mentem...

Mauro Tortonesi

University of Ferrara - Dept. of Eng.    http://www.ing.unife.it
Institute of Human & Machine Cognition   http://www.ihmc.us
Deep Space 6 - IPv6 for Linux            http://www.deepspace6.net
Ferrara Linux User Group                 http://www.ferrara.linux.it
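
The failure mode described in the quoted report, as an added example that is not part of this thread and is neither Wget's code nor the attached patch: a listing parser that checks every strtok() result before converting it. The line format "MM-DD-YY SIZE NAME", `struct entry`, `next_number` and `parse_listing_line` are assumptions made for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical record for one listing entry (not a Wget structure). */
struct entry {
    int month, day, year;
    long size;
    char name[256];
};

/* Fetch the next token and convert it, failing instead of crashing.
   The unchecked pattern is atoi(strtok(NULL, delim)): when the server
   sends fewer fields than expected, strtok() returns NULL and atoi()
   dereferences it. */
static int next_number(char *first, const char *delim, long max, long *out)
{
    char *end;
    char *tok = strtok(first, delim);   /* first is NULL to continue */

    if (tok == NULL)
        return -1;                      /* field missing */
    *out = strtol(tok, &end, 10);
    if (end == tok || *end != '\0')
        return -1;                      /* not a plain decimal number */
    if (*out < 0 || *out > max)
        return -1;                      /* out of range for this field */
    return 0;
}

/* Parse one line of the constructed format "MM-DD-YY SIZE NAME".
   Modifies line in place. Returns 0 on success, -1 if malformed. */
int parse_listing_line(char *line, struct entry *e)
{
    long m, d, y, size;
    char *name;

    if (next_number(line, "-", 12, &m) != 0 || m < 1) return -1;
    if (next_number(NULL, "-", 31, &d) != 0 || d < 1) return -1;
    if (next_number(NULL, " ", 99, &y) != 0) return -1;
    if (next_number(NULL, " ", 2147483647L, &size) != 0) return -1;

    name = strtok(NULL, " \r\n");
    if (name == NULL || strlen(name) >= sizeof e->name)
        return -1;                      /* name missing or too long */
    e->month = (int)m; e->day = (int)d; e->year = (int)y; e->size = size;
    strcpy(e->name, name);              /* length checked above */
    return 0;
}
```

A caller skips any line for which the function returns -1, so a truncated or malformed listing costs one entry rather than the process.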