diff options
Diffstat (limited to 'libexec/ftpd')
| -rw-r--r-- | libexec/ftpd/ftpcmd.y | 37 | ||||
| -rw-r--r-- | libexec/ftpd/ftpd.c | 2 | ||||
| -rw-r--r-- | libexec/ftpd/popen.c | 17 |
3 files changed, 34 insertions, 22 deletions
diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y index 151c3d7c81fb..3b64c87f5db7 100644 --- a/libexec/ftpd/ftpcmd.y +++ b/libexec/ftpd/ftpcmd.y @@ -148,18 +148,21 @@ cmd pass($3); free($3); } - | PORT SP host_port CRLF + | PORT check_login SP host_port CRLF { - usedefault = 0; - if (pdata >= 0) { - (void) close(pdata); - pdata = -1; + if ($2) { + usedefault = 0; + if (pdata >= 0) { + (void) close(pdata); + pdata = -1; + } + reply(200, "PORT command successful."); } - reply(200, "PORT command successful."); } - | PASV CRLF + | PASV check_login CRLF { - passive(); + if ($2) + passive(); } | TYPE SP type_code CRLF { @@ -291,16 +294,18 @@ cmd if ($4 != NULL) free($4); } - | RNTO SP pathname CRLF + | RNTO check_login SP pathname CRLF { - if (fromname) { - renamecmd(fromname, $3); - free(fromname); - fromname = (char *) 0; - } else { - reply(503, "Bad sequence of commands."); + if ($2) { + if (fromname) { + renamecmd(fromname, $4); + free(fromname); + fromname = (char *) 0; + } else { + reply(503, "Bad sequence of commands."); + } + free($4); } - free($3); } | ABOR CRLF { diff --git a/libexec/ftpd/ftpd.c b/libexec/ftpd/ftpd.c index c106f79e0a54..92130b91cd46 100644 --- a/libexec/ftpd/ftpd.c +++ b/libexec/ftpd/ftpd.c @@ -30,7 +30,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: ftpd.c,v 1.10.4.2 1995/09/01 03:07:17 davidg Exp $ + * $Id: ftpd.c,v 1.10.4.3 1996/03/18 11:10:16 davidg Exp $ */ #ifndef lint diff --git a/libexec/ftpd/popen.c b/libexec/ftpd/popen.c index b26732e7be39..6a419ea61443 100644 --- a/libexec/ftpd/popen.c +++ b/libexec/ftpd/popen.c @@ -33,11 +33,14 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * + * $Id: popen.c,v 1.1.1.1.6.1 1996/11/20 22:25:39 pst Exp $ */ +#if 0 #ifndef lint static char sccsid[] = "@(#)popen.c 8.3 (Berkeley) 4/6/94"; #endif /* not lint */ +#endif #include <sys/types.h> #include <sys/wait.h> @@ -52,6 +55,9 @@ static char sccsid[] = "@(#)popen.c 8.3 (Berkeley) 4/6/94"; #include "extern.h" +#define MAXUSRARGS 100 +#define MAXGLOBARGS 1000 + /* * Special version of popen which avoids call to shell. This ensures noone * may create a pipe to a hidden program as a side effect of a list or dir @@ -67,9 +73,9 @@ ftpd_popen(program, type) char *cp; FILE *iop; int argc, gargc, pdes[2], pid; - char **pop, *argv[100], *gargv[1000]; + char **pop, *argv[MAXUSRARGS], *gargv[MAXGLOBARGS]; - if (*type != 'r' && *type != 'w' || type[1]) + if (((*type != 'r') && (*type != 'w')) || type[1]) return (NULL); if (!pids) { @@ -83,13 +89,13 @@ ftpd_popen(program, type) return (NULL); /* break up string into pieces */ - for (argc = 0, cp = program;; cp = NULL) + for (argc = 0, cp = program; argc < MAXUSRARGS; cp = NULL) if (!(argv[argc++] = strtok(cp, " \t\n"))) break; /* glob each piece */ gargv[0] = argv[0]; - for (gargc = argc = 1; argv[argc]; argc++) { + for (gargc = argc = 1; argv[argc] && gargc < (MAXGLOBARGS-1); argc++) { glob_t gl; int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; @@ -97,7 +103,8 @@ ftpd_popen(program, type) if (glob(argv[argc], flags, NULL, &gl)) gargv[gargc++] = strdup(argv[argc]); else - for (pop = gl.gl_pathv; *pop; pop++) + for (pop = gl.gl_pathv; *pop && gargc < (MAXGLOBARGS-1); + pop++) gargv[gargc++] = strdup(*pop); globfree(&gl); } |