Changeset fa0adf36 in rtems for cpukit


Ignore:
Timestamp:
Oct 30, 2018, 10:53:46 AM (10 months ago)
Author:
Sebastian Huber <sebastian.huber@…>
Branches:
master
Children:
3b930548
Parents:
8c3cd1e8
git-author:
Sebastian Huber <sebastian.huber@…> (10/30/18 10:53:46)
git-committer:
Sebastian Huber <sebastian.huber@…> (10/30/18 12:27:03)
Message:

ftpd: Avoid TOCTOU problem

Assume that opendir() returns only non-NULL if we actually open a
directory.

Update #3530.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • cpukit/ftpd/ftpd.c

    r8c3cd1e8 rfa0adf36  
    12461246  DIR                 *dirp = 0;
    12471247  struct dirent       *dp = 0;
    1248   struct stat         stat_buf;
    12491248  char                buf[FTPD_BUFSIZE];
    12501249  time_t curTime;
     
    12661265  }
    12671266
    1268   if(fname[0] == '\0')
     1267  if (fname[0] == '\0')
    12691268    fname = ".";
    12701269
    1271   if (0 > stat(fname, &stat_buf))
    1272   {
    1273     snprintf(buf, FTPD_BUFSIZE,
    1274       "%s: No such file or directory.\r\n", fname);
    1275     send(s, buf, strlen(buf), 0);
    1276   }
    1277   else if (S_ISDIR(stat_buf.st_mode) && (NULL == (dirp = opendir(fname))))
    1278   {
    1279     snprintf(buf, FTPD_BUFSIZE,
    1280       "%s: Can not open directory.\r\n", fname);
    1281     send(s, buf, strlen(buf), 0);
     1270  time(&curTime);
     1271  dirp = opendir(fname);
     1272  if (dirp != NULL)
     1273  {
     1274    /* FIXME: need "." and ".." only when '-a' option is given */
     1275    ok = ok && send_dirline(s, wide, curTime, fname, "", ".", buf);
     1276    ok = ok && send_dirline(s, wide, curTime, fname,
     1277      (strcmp(fname, ftpd_root) ? ".." : ""), "..", buf);
     1278
     1279    while (ok && (dp = readdir(dirp)) != NULL)
     1280      ok = ok &&
     1281        send_dirline(s, wide, curTime, fname, dp->d_name, dp->d_name, buf);
     1282
     1283    closedir(dirp);
    12821284  }
    12831285  else
    12841286  {
    1285     time(&curTime);
    1286     if(!dirp && *fname)
    1287       ok = ok && send_dirline(s, wide, curTime, fname, "", fname, buf);
    1288     else {
    1289       /* FIXME: need "." and ".." only when '-a' option is given */
    1290       ok = ok && send_dirline(s, wide, curTime, fname, "", ".", buf);
    1291       ok = ok && send_dirline(s, wide, curTime, fname,
    1292         (strcmp(fname, ftpd_root) ? ".." : ""), "..", buf);
    1293       while (ok && (dp = readdir(dirp)) != NULL)
    1294         ok = ok &&
    1295           send_dirline(s, wide, curTime, fname, dp->d_name, dp->d_name, buf);
    1296     }
    1297   }
    1298 
    1299   if(dirp)
    1300     closedir(dirp);
     1287    send_dirline(s, wide, curTime, fname, "", fname, buf);
     1288  }
     1289
    13011290  close_data_socket(info);
    13021291
Note: See TracChangeset for help on using the changeset viewer.