2006-12-19  Ulf Harnhammar  <[EMAIL PROTECTED]>

	* ftp-basic.c (ftp_syst): Fixes NULL dereferencing crash bug when
	parsing "SYST" replies from FTP servers. Originally reported by
	Federico L. Bossi Bonin: http://www.milw0rm.com/exploits/2947

Index: src/ftp-basic.c =================================================================== --- src/ftp-basic.c (revision 2197) +++ src/ftp-basic.c (working copy) @@ -1038,6 +1038,11 @@ /* Which system type has been reported (we are interested just in the first word of the server response)? */ request = strtok (NULL, " "); + if (request == NULL) + { + xfree (respline); + return FTPSRVERR; + } if (!strcasecmp (request, "VMS")) *server_type = ST_VMS;
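
Review bot: In the added `if (request == NULL)` branch right after `request = strtok (NULL, " ");`, returning FTPSRVERR turns a SYST reply with no word after the first token into a hard failure, and nothing in the branch says that this is the case being handled. The surrounding comment says the code only wants the first word of the response to choose `*server_type`, so if the server-type enum has a value for an unrecognized system, consider assigning that in the NULL case and making the `strcasecmp (request, "VMS")` test an `else if`; that removes the NULL dereference without aborting on a reply that is merely uninformative. If the error return is intended, add a one-line comment stating that it covers a reply with no system-type word. Calling `xfree (respline)` before the early return is correct for this path.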