diff options
author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-10-30 11:34:16 +0100 |
---|---|---|
committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-10-30 13:27:03 +0100 |
commit | 8c3cd1e81bf29bb0a21ba3174a672fc85e162233 (patch) | |
tree | 5a340c9d0cb6cc2a6551ddab5e011bfce76e7f35 /cpukit/ftpd | |
parent | 706802f87006bc015d93e1bad2e358c95dfce9a0 (diff) |
ftpd: Deal with too long command lines
Update #3530.
Diffstat (limited to 'cpukit/ftpd')
-rw-r--r-- | cpukit/ftpd/ftpd.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/cpukit/ftpd/ftpd.c b/cpukit/ftpd/ftpd.c index eb87612bb5..8aef440a72 100644 --- a/cpukit/ftpd/ftpd.c +++ b/cpukit/ftpd/ftpd.c @@ -1908,6 +1908,7 @@ session(rtems_task_argument arg) { char buf[FTPD_BUFSIZE]; char *cmd, *opts, *args; + size_t len; if (fgets(buf, FTPD_BUFSIZE, info->ctrl_fp) == NULL) { @@ -1915,6 +1916,25 @@ session(rtems_task_argument arg) break; } + len = strlen(buf); + + if (len == 0) + continue; + + if (buf[len - 1] != '\n') + { + send_reply(info, 501, "Command line too long."); + + /* + * We could also try to continue here, however, discarding the rest + * of the current command line and figuring out when the next command + * starts with fgets() is not that easy. It would be better to avoid + * the FILE stream and just use the socket directly with send() and + * recv(). + */ + break; + } + split_command(buf, &cmd, &opts, &args); if (!strcmp("QUIT", cmd)) |