diff options
author | Denis Vlasenko | 2009-03-16 19:54:06 +0000 |
---|---|---|
committer | Denis Vlasenko | 2009-03-16 19:54:06 +0000 |
commit | 43bb7bba3b09f9beddb07417fa4997a599f5c6d1 (patch) | |
tree | 844f7ccd64e36b0855c47246e88614c696561cc7 /networking/ftpd.c | |
parent | 20c82168976a511237b45eef94891e9124f47f7a (diff) | |
download | busybox-43bb7bba3b09f9beddb07417fa4997a599f5c6d1.zip busybox-43bb7bba3b09f9beddb07417fa4997a599f5c6d1.tar.gz |
ftpd: simplify PORT check by assuming IP = peer's IP.
Should be as safe as before this change.
function old new delta
ftpd_main 2115 2025 -90
Diffstat (limited to 'networking/ftpd.c')
-rw-r--r-- | networking/ftpd.c | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/networking/ftpd.c b/networking/ftpd.c index d63fd9b..6753248 100644 --- a/networking/ftpd.c +++ b/networking/ftpd.c @@ -422,21 +422,42 @@ handle_epsv(void) free(response); } +/* libbb candidate */ +static +len_and_sockaddr* get_peer_lsa(int fd) +{ + len_and_sockaddr *lsa; + socklen_t len = 0; + + if (getpeername(fd, NULL, &len) != 0) + return NULL; + lsa = xzalloc(LSA_LEN_SIZE + len); + lsa->len = len; + getpeername(fd, &lsa->u.sa, &lsa->len); + return lsa; +} + static void handle_port(void) { unsigned port, port_hi; char *raw, *comma; +#ifdef WHY_BOTHER_WE_CAN_ASSUME_IP_MATCHES socklen_t peer_ipv4_len; struct sockaddr_in peer_ipv4; struct in_addr port_ipv4_sin_addr; +#endif port_pasv_cleanup(); raw = G.ftp_arg; /* PORT command format makes sense only over IPv4 */ - if (!raw || G.local_addr->u.sa.sa_family != AF_INET) { + if (!raw +#ifdef WHY_BOTHER_WE_CAN_ASSUME_IP_MATCHES + || G.local_addr->u.sa.sa_family != AF_INET +#endif + ) { bail: cmdio_write_error(FTP_BADCMD); return; @@ -459,6 +480,7 @@ handle_port(void) goto bail; port |= port_hi << 8; +#ifdef WHY_BOTHER_WE_CAN_ASSUME_IP_MATCHES replace_char(raw, ',', '.'); /* We are verifying that PORT's IP matches getpeername(). @@ -477,6 +499,10 @@ handle_port(void) goto bail; G.port_addr = xdotted2sockaddr(raw, port); +#else + G.port_addr = get_peer_lsa(STDIN_FILENO); + set_nport(G.port_addr, port); +#endif cmdio_write_ok(FTP_PORTOK); } |