From 7d68101f83a28323fa24b1f705881415ccbe6467 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 3 Mar 2006 13:09:30 +0000
Subject: [PATCH] Prevent uploading to a URL that has no file name part.

---
 CHANGES                   |  9 ++++++++
 RELEASE-NOTES             |  2 +-
 lib/ftp.c                 |  7 +++++++
 tests/data/test524        | 44 +++++++++++++++++++++++++++++++++++++++
 tests/libtest/Makefile.am |  8 +++++--
 tests/libtest/lib524.c    | 15 +++++++++++++
 6 files changed, 82 insertions(+), 3 deletions(-)
 create mode 100644 tests/data/test524
 create mode 100644 tests/libtest/lib524.c

diff --git a/CHANGES b/CHANGES
index 2a9f4a2bf..37952c8d8 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,11 @@
                                   Changelog
 
 Daniel (2 March 2006)
+- FTP upload without a file name part in the URL now causes
+  curl_easy_perform() to return CURLE_URL_MALFORMAT. Previously it allowed the
+  upload but named the file "(nil)" (without the quotes). Test case 524
+  verifies.
+
 - Added a check for getprotobyname in configure so that it'll be used, thanks
   to Gisle Vanem's change the other day.
 
@@ -15,6 +20,10 @@ Daniel (28 February 2006)
   are out of file handles very early in curl's code where it makes sure that
   0, 1 and 2 aren't gonna be used by the lib for transfers.
 
+Daniel (27 February 2006)
+- Marty Kuhrt pointed out that there were two VMS-specific files missing in
+  the release archive.
+
 Version 7.15.2 (27 February 2006)
 
 Daniel (22 February 2006)
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index adef4abd4..0110cd571 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -7,7 +7,7 @@ Curl and libcurl 7.15.3
  Number of public functions in libcurl:    46
  Amount of public web site mirrors:        31
  Number of known libcurl bindings:         32
- Number of contributors:                   474
+ Number of contributors:                   487
 
 This release includes the following changes:
 
diff --git a/lib/ftp.c b/lib/ftp.c
index 02732f452..da2aeb9e2 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -3816,6 +3816,13 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
     ftp->file=NULL; /* instead of point to a zero byte, we make it a NULL
                        pointer */
 
+  if(data->set.upload && !ftp->file &&
+     (!ftp->no_transfer || conn->bits.no_body)) {
+    /* We need a file name when uploading. Return error! */
+    failf(data, "Uploading to a URL without a file name!");
+    return CURLE_URL_MALFORMAT;
+  }
+
   ftp->cwddone = FALSE; /* default to not done */
 
   if(ftp->prevpath) {
diff --git a/tests/data/test524 b/tests/data/test524
new file mode 100644
index 000000000..36946667c
--- /dev/null
+++ b/tests/data/test524
@@ -0,0 +1,44 @@
+<info>
+<keywords>
+FTP
+UPLOAD
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+</server>
+<tool>
+lib524
+</tool>
+ <name>
+FTP upload with target URL ending with slash
+ </name>
+# first URL then proxy
+ <command>
+ftp://%HOSTIP:%FTPPORT/path/to/
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS curl_by_daniel@haxx.se
+PWD
+</protocol>
+
+# 3 is CURLE_URL_MALFORMAT
+<errorcode>
+3
+</errorcode>
+</verify>
diff --git a/tests/libtest/Makefile.am b/tests/libtest/Makefile.am
index ccbe2aa16..2af887726 100644
--- a/tests/libtest/Makefile.am
+++ b/tests/libtest/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -40,7 +40,7 @@ SUPPORTFILES = first.c test.h
 # These are all libcurl test programs
 noinst_PROGRAMS = lib500 lib501 lib502 lib503 lib504 lib505 lib506 lib507 \
   lib508 lib509 lib510 lib511 lib512 lib513 lib514 lib515 lib516 lib517 \
-  lib518 lib519 lib520 lib521 lib523
+  lib518 lib519 lib520 lib521 lib523 lib524
 
 lib500_SOURCES = lib500.c $(SUPPORTFILES)
 lib500_LDADD = $(LIBDIR)/libcurl.la
@@ -133,3 +133,7 @@ lib521_DEPENDENCIES = $(LIBDIR)/libcurl.la
 lib523_SOURCES = lib523.c $(SUPPORTFILES)
 lib523_LDADD = $(LIBDIR)/libcurl.la
 lib523_DEPENDENCIES = $(LIBDIR)/libcurl.la
+
+lib524_SOURCES = lib524.c $(SUPPORTFILES)
+lib524_LDADD = $(LIBDIR)/libcurl.la
+lib524_DEPENDENCIES = $(LIBDIR)/libcurl.la
diff --git a/tests/libtest/lib524.c b/tests/libtest/lib524.c
new file mode 100644
index 000000000..be9f43466
--- /dev/null
+++ b/tests/libtest/lib524.c
@@ -0,0 +1,15 @@
+#include "test.h"
+
+int test(char *URL)
+{
+  CURLcode res;
+  CURL *curl = curl_easy_init();
+  curl_easy_setopt(curl, CURLOPT_URL, URL);
+  curl_easy_setopt(curl, CURLOPT_UPLOAD, 1);
+  curl_easy_setopt(curl, CURLOPT_VERBOSE, TRUE);
+
+  res = curl_easy_perform(curl);
+  curl_easy_cleanup(curl);
+  return (int)res;
+}
+