diff options
| author | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-10-30 11:34:16 +0100 |
|---|---|---|
| committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2018-10-30 13:27:03 +0100 |
| commit | 8c3cd1e81bf29bb0a21ba3174a672fc85e162233 (patch) | |
| tree | 5a340c9d0cb6cc2a6551ddab5e011bfce76e7f35 /cpukit/ftpd | |
| parent | ftpd: Make send_dirline() more robust (diff) | |
| download | rtems-8c3cd1e81bf29bb0a21ba3174a672fc85e162233.tar.bz2 | |
ftpd: Deal with too long command lines
Update #3530.
Diffstat (limited to 'cpukit/ftpd')
| -rw-r--r-- | cpukit/ftpd/ftpd.c | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/cpukit/ftpd/ftpd.c b/cpukit/ftpd/ftpd.c index eb87612bb5..8aef440a72 100644 --- a/cpukit/ftpd/ftpd.c +++ b/cpukit/ftpd/ftpd.c @@ -1908,6 +1908,7 @@ session(rtems_task_argument arg) { char buf[FTPD_BUFSIZE]; char *cmd, *opts, *args; + size_t len; if (fgets(buf, FTPD_BUFSIZE, info->ctrl_fp) == NULL) { @@ -1915,6 +1916,25 @@ session(rtems_task_argument arg) break; } + len = strlen(buf); + + if (len == 0) + continue; + + if (buf[len - 1] != '\n') + { + send_reply(info, 501, "Command line too long."); + + /* + * We could also try to continue here, however, discarding the rest + * of the current command line and figuring out when the next command + * starts with fgets() is not that easy. It would be better to avoid + * the FILE stream and just use the socket directly with send() and + * recv(). + */ + break; + } + split_command(buf, &cmd, &opts, &args); if (!strcmp("QUIT", cmd)) |