
[svn] Fixed a problem in ftp_parse_winnt_ls that could allow a malicious remote FTP server to crash wget.

mtortonesi 2004-12-08 17:20:39 -08:00
parent 1a9c0f6c31
commit ec4f99d51e
2 changed files with 18 additions and 1 deletions


@ -1,3 +1,8 @@
2004-11-18 Ulf Harnhammar <ulf.harnhammar.9485@student.uu.se>
* ftp-ls.c: Fixed a problem in ftp_parse_winnt_ls that could allow a
malicious remote FTP server to crash wget.
2004-11-18 Hans-Andreas Engel <engel@node.ch> 2004-11-18 Hans-Andreas Engel <engel@node.ch>
* http.c: Enable --convert-links (-k) when a single page is downloaded * http.c: Enable --convert-links (-k) when a single page is downloaded


@ -456,11 +456,14 @@ ftp_parse_winnt_ls (const char *file)
/* First column: mm-dd-yy. Should atoi() on the month fail, january /* First column: mm-dd-yy. Should atoi() on the month fail, january
will be assumed. */ will be assumed. */
tok = strtok(line, "-"); tok = strtok(line, "-");
if (tok == NULL) continue;
month = atoi(tok) - 1; month = atoi(tok) - 1;
if (month < 0) month = 0; if (month < 0) month = 0;
tok = strtok(NULL, "-"); tok = strtok(NULL, "-");
if (tok == NULL) continue;
day = atoi(tok); day = atoi(tok);
tok = strtok(NULL, " "); tok = strtok(NULL, " ");
if (tok == NULL) continue;
year = atoi(tok); year = atoi(tok);
/* Assuming the epoch starting at 1.1.1970 */ /* Assuming the epoch starting at 1.1.1970 */
if (year <= 70) year += 100; if (year <= 70) year += 100;
@ -468,8 +471,10 @@ ftp_parse_winnt_ls (const char *file)
/* Second column: hh:mm[AP]M, listing does not contain value for /* Second column: hh:mm[AP]M, listing does not contain value for
seconds */ seconds */
tok = strtok(NULL, ":"); tok = strtok(NULL, ":");
if (tok == NULL) continue;
hour = atoi(tok); hour = atoi(tok);
tok = strtok(NULL, "M"); tok = strtok(NULL, "M");
if (tok == NULL) continue;
min = atoi(tok); min = atoi(tok);
/* Adjust hour from AM/PM. Just for the record, the sequence goes /* Adjust hour from AM/PM. Just for the record, the sequence goes
11:00AM, 12:00PM, 01:00PM ... 11:00PM, 12:00AM, 01:00AM . */ 11:00AM, 12:00PM, 01:00PM ... 11:00PM, 12:00AM, 01:00AM . */
@ -499,7 +504,9 @@ ftp_parse_winnt_ls (const char *file)
directories as the listing does not give us a clue) and filetype directories as the listing does not give us a clue) and filetype
here. */ here. */
tok = strtok(NULL, " "); tok = strtok(NULL, " ");
while (*tok == '\0') tok = strtok(NULL, " "); if (tok == NULL) continue;
while ((tok != NULL) && (*tok == '\0')) tok = strtok(NULL, " ");
if (tok == NULL) continue;
if (*tok == '<') if (*tok == '<')
{ {
cur.type = FT_DIRECTORY; cur.type = FT_DIRECTORY;
@ -680,6 +687,7 @@ ftp_parse_vms_ls (const char *file)
/* Third/Second column: Date DD-MMM-YYYY. */ /* Third/Second column: Date DD-MMM-YYYY. */
tok = strtok(NULL, "-"); tok = strtok(NULL, "-");
if (tok == NULL) continue;
DEBUGP(("day: '%s'\n",tok)); DEBUGP(("day: '%s'\n",tok));
day = atoi(tok); day = atoi(tok);
tok = strtok(NULL, "-"); tok = strtok(NULL, "-");
@ -697,11 +705,13 @@ ftp_parse_vms_ls (const char *file)
/* Uknown months are mapped to January */ /* Uknown months are mapped to January */
month = i % 12 ; month = i % 12 ;
tok = strtok (NULL, " "); tok = strtok (NULL, " ");
if (tok == NULL) continue;
year = atoi (tok) - 1900; year = atoi (tok) - 1900;
DEBUGP(("date parsed\n")); DEBUGP(("date parsed\n"));
/* Fourth/Third column: Time hh:mm[:ss] */ /* Fourth/Third column: Time hh:mm[:ss] */
tok = strtok (NULL, " "); tok = strtok (NULL, " ");
if (tok == NULL) continue;
hour = min = sec = 0; hour = min = sec = 0;
p = tok; p = tok;
hour = atoi (p); hour = atoi (p);
@ -732,10 +742,12 @@ ftp_parse_vms_ls (const char *file)
/* Skip the fifth column */ /* Skip the fifth column */
tok = strtok(NULL, " "); tok = strtok(NULL, " ");
if (tok == NULL) continue;
/* Sixth column: Permissions */ /* Sixth column: Permissions */
tok = strtok(NULL, ","); /* Skip the VMS-specific SYSTEM permissons */ tok = strtok(NULL, ","); /* Skip the VMS-specific SYSTEM permissons */
if (tok == NULL) continue;
tok = strtok(NULL, ")"); tok = strtok(NULL, ")");
if (tok == NULL) if (tok == NULL)
{ {