From 17a834bc63b2781aefcef1fc2213877053ba1873 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 10 Nov 2003 08:12:53 +0000
Subject: [PATCH] =?UTF-8?q?After=20S=E9bastien=20Willemijns'=20bug=20repor?=
 =?UTF-8?q?t,=20we=20now=20check=20the=20separators=20properly=20in=20the?=
 =?UTF-8?q?=20229-reply=20servers=20respond=20on=20a=20EPSV=20command=20an?=
 =?UTF-8?q?d=20bail=20out=20better=20if=20the=20reply=20string=20is=20not?=
 =?UTF-8?q?=20valid=20RFC2428-compliant.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 lib/ftp.c | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/lib/ftp.c b/lib/ftp.c
index 0f067c5da..5db4c5fc3 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -1389,18 +1389,8 @@ CURLcode ftp_use_pasv(struct connectdata *conn,
 
   */
 
-#if 1
   const char *mode[] = { "EPSV", "PASV", NULL };
   int results[] = { 229, 227, 0 };
-#else
-#if 0
-  char *mode[] = { "EPSV", "LPSV", "PASV", NULL };
-  int results[] = { 229, 228, 227, 0 };
-#else
-  const char *mode[] = { "PASV", NULL };
-  int results[] = { 227, 0 };
-#endif
-#endif
   int modeoff;
   unsigned short connectport; /* the local port connect() should use! */
   unsigned short newport=0; /* remote port, not necessary the local one */
@@ -1459,7 +1449,6 @@ CURLcode ftp_use_pasv(struct connectdata *conn,
     newhostp = newhost;
     newport = (port[0]<<8) + port[1];
   }
-#if 1
   else if (229 == results[modeoff]) {
     char *ptr = strchr(buf, '(');
     if(ptr) {
@@ -1472,11 +1461,23 @@ CURLcode ftp_use_pasv(struct connectdata *conn,
                       &separator[2],
                       &num,
                       &separator[3])) {
-        /* the four separators should be identical */
-        newport = num;
+        char sep1 = separator[0];
+        int i;
 
-        /* we should use the same host we already are connected to */
-        newhostp = conn->name;
+        /* The four separators should be identical, or else this is an oddly
+           formatted reply and we bail out immediately. */
+        for(i=1; i<4; i++) {
+          if(separator[i] != sep1) {
+            ptr=NULL; /* set to NULL to signal error */
+            break;
+          }
+        }
+        if(ptr) {
+          newport = num;
+
+          /* we should use the same host we already are connected to */
+          newhostp = conn->name;
+        }
       }                      
       else
         ptr=NULL;
@@ -1486,7 +1487,6 @@ CURLcode ftp_use_pasv(struct connectdata *conn,
       return CURLE_FTP_WEIRD_PASV_REPLY;
     }
   }
-#endif
   else
     return CURLE_FTP_CANT_RECONNECT;