From fa6aeb869d9b593d63d4e59c5c02183b9916916d Mon Sep 17 00:00:00 2001 From: hniksic Date: Fri, 16 Nov 2001 11:38:03 -0800 Subject: [PATCH] [svn] Don't call rate() with bogus data. Submitted by Ian Abbott in <3B7A98A1.24985.9EF692@localhost> --- src/ChangeLog | 6 ++++++ src/ftp.c | 6 +++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/ChangeLog b/src/ChangeLog index d559fb1a..07dc7141 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,9 @@ +2001-08-15 Ian Abbott + + * ftp.c (ftp_loop_internal): Avoid a potential buffer overflow in + the call to the 'rate' function by moving it past the error + checking for the 'getftp' function return value. + 2001-11-16 Hrvoje Niksic * html-parse.c (advance_declaration): Use 0x22 instead of '"' or diff --git a/src/ftp.c b/src/ftp.c index f48f1beb..7bcca7ab 100644 --- a/src/ftp.c +++ b/src/ftp.c @@ -1086,9 +1086,6 @@ ftp_loop_internal (struct urlinfo *u, struct fileinfo *f, ccon *con) else len = 0; err = getftp (u, &len, restval, con); - /* Time? */ - tms = time_str (NULL); - tmrate = rate (len - restval, con->dltime, 0); if (!rbuf_initialized_p (&con->rbuf)) con->st &= ~DONE_CWD; @@ -1126,6 +1123,9 @@ ftp_loop_internal (struct urlinfo *u, struct fileinfo *f, ccon *con) /* Not as great. */ abort (); } + /* Time? */ + tms = time_str (NULL); + tmrate = rate (len - restval, con->dltime, 0); /* If we get out of the switch above without continue'ing, we've successfully downloaded a file. Remember this fact. */