bug-inetutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug-inetutils] ftp: command processing


From: Debarshi 'Rishi' Ray
Subject: [bug-inetutils] ftp: command processing
Date: Wed, 8 Aug 2007 11:29:56 +0530

The ftp client's command processing looks faulty for cases where
readline is present. Explanation follows.

int
another (pargc, pargv, prompt)
     int *pargc;
     char ***pargv;
     char *prompt;
{
  int len = strlen (line), ret;

  if (len >= sizeof (line) - 3)
    {
      printf ("sorry, arguments too long\n");
      intr ();
    }
  printf ("(%s) ", prompt);
  line[len++] = ' ';

The above snippet of code from file ftp/cmds.c line 133 looks doubtful to me.

>From what I understand, the 'another' function is used to fetch any
missing parameters the user may not have given while issuing the
command. Some thing like:
ftp> open
(to) ftp.gnu.org
...
...

However in practice, what happens is:
ftp> open
sorry, arguments too long\n

The problem starts from this particular line:
if (len >= sizeof (line) - 3)

I am curious to know why this line was used in the first place, since
it will have faulty behaviour in all cases where readline is present
(or '#if HAVE_LIBREADLINE' is true). This is because of the way line
is defined in file ftp/ftp_var.h line 96 as:

#if HAVE_LIBREADLINE
FTP_EXTERN char *line;
#else
FTP_EXTERN char line[MAXLINE];  /* input line buffer */
#endif

Thus sizeof (line) will only be the number bytes required to hold a
pointer to a character and not the entire chunk of memory occupied by
line. Hence the error message is triggered every time irrespective of
what the actual conditions may be.

It looks quite self-explanatory, but I wanted to know if there is any
particular reason why this so. Or is it just a remnant of the
non-readline past?

Happy hacking,
Debarshi
-- 
GPG key ID: 63D4A5A7
Key server: pgp.mit.edu




reply via email to

[Prev in Thread] Current Thread [Next in Thread]