Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

some bugs #4

Open
luojiaqs opened this issue Nov 16, 2018 · 0 comments
Open

some bugs #4

luojiaqs opened this issue Nov 16, 2018 · 0 comments

Comments

@luojiaqs
Copy link

@luojiaqs luojiaqs commented Nov 16, 2018

I'm learning ftp protocol
find some bugs and just make a mark
don't mind ^ ^

ftp_pwd

result size 大小没控制好造成stackoverflow

void ftp_pwd(Command *cmd, State *state)
{
  if(state->logged_in){
    char cwd[BSIZE];//size 1024
    char result[BSIZE];//size 1024
    memset(result, 0, BSIZE);
    if(getcwd(cwd,BSIZE)!=NULL){
      strcat(result,"257 \"");//size 5
      strcat(result,cwd); //  maybe size 1024
      strcat(result,"\"\n");//size 2
        //result size max == 5 + 1024 +2
      state->message = result;
    }else{
      state->message = "550 Failed to get pwd.\n";
    }
    write_state(state);
  }

ftp_mkd

same problem as ftp_pwd
strcat stack overflow

if(mkdir(cmd->arg,S_IRWXU)==0){
        strcat(res,"257 \"");
        strcat(res,cmd->arg);
        strcat(res,"\" new directory created.\n");
        state->message = res;

sprintf use %s can also cause stack overflow when len(cwd)+len(cmd->arg)>1024

sprintf(res,"257 \"%s/%s\" new directory created.\n",cwd,cmd->arg);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
1 participant
You can’t perform that action at this time.