Package: netkit-ftp / 0.17-23

Metadata

Package Version Patches format
netkit-ftp 0.17-23 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
010_patches_in_sarge.diff | (download)

ftp/Makefile | 2 1 + 1 - 0 !
ftp/cmds.c | 514 329 + 185 - 0 !
ftp/cmds.h | 1 1 + 0 - 0 !
ftp/cmdtab.c | 2 2 + 0 - 0 !
ftp/domacro.c | 41 33 + 8 - 0 !
ftp/ftp.1 | 17 14 + 3 - 0 !
ftp/ftp.c | 614 371 + 243 - 0 !
ftp/ftp_var.h | 7 4 + 3 - 0 !
ftp/main.c | 155 124 + 31 - 0 !
ftp/main.h | 20 20 + 0 - 0 !
ftp/netrc.5 | 4 3 + 1 - 0 !
ftp/ruserpass.c | 10 4 + 6 - 0 !
12 files changed, 906 insertions(+), 481 deletions(-)

 source patches applied to release sarge.
 Multiple patches.
020_optional_stripping.diff | (download)

ftp/Makefile | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 hard coded stripping behaviour.
 Remove explicit stripping from makefile target.
X-Closes: #437615
025_long_cmd_overflow.diff | (download)

ftp/main.c | 16 15 + 1 - 0 !
1 file changed, 15 insertions(+), 1 deletion(-)

 buffer overflow caused by long commands.
 Allocate a sufficient amount of memory to handle
 many arguments.
X-Closes: #391207, #407924
030_argv_handling.diff | (download)

ftp/main.c | 30 14 + 16 - 0 !
1 file changed, 14 insertions(+), 16 deletions(-)

 multiple flaws in ftp/main.c.
 There are several flaws in the current code of the makeargv function
 in ftp/main.c. It certainly errs, but not on the side of caution.
 .
 1. The 'count' variable is supposed to count the number of arguments on
 the command line. In fact it counts the number of arguments less one, so
 malloc is often called with an argument of zero.
 .
 2. The argument to malloc is completely wrong. Space needs to be
 reserved for a certain number of pointers; the length of the command
 line string is irrelevant.
 .
 3. The slurpstring parsing function accepts both space and tab as
 delimiters. The 'count' variable is calculated assuming spaces only.
 .
 4. It appears to me that the memory allocated for rargv is never freed,
 leading to a memory leak. I may be wrong about this, and I do not know
 the code well enough to suggest where the free should take place if it
 does not happen already. My patch does not address this.
 .
 Attempting to count parameters in advance is not the best solution in
 my opinion. It is duplicating part of the effort of slurpstring.
 My preference would have been to allocate memory for 20 pointers, as in
 the original code, then realloc() for a larger size if more than 20
 parameters are returned from slurpstring.
X-Closes: Closes #508378, #505533, #510009
035_lintian_pedantic.diff | (download)

ftp/cmds.c | 2 1 + 1 - 0 !
ftp/ftp.1 | 10 5 + 5 - 0 !
2 files changed, 6 insertions(+), 6 deletions(-)

 pedantic complaits by lintian.
 Spelling in ftp/ftp.1 and ftp/cmds.c.
 .
 Incorrect use of hyphenation in ftp/ftp.1.
040_ipv6_ftp_c.diff | (download)

ftp/ftp.c | 331 252 + 79 - 0 !
1 file changed, 252 insertions(+), 79 deletions(-)

 impose ipv6-capacities on ftp.c.
 Super structure 'struct sockaddr_storage' is replacing 'struct sockaddr_in'
 .
 For peer address strings, a first try aims at IPv4. That failing, next
 try is for IPv6, and ultimatively a host lookup follows as last resort.
 .
 Use a SIGALRM mechanism to decrease the default TCP handshake timeout
 to a value better suited for interactive use. The macro can be set
 externally to change the suggested FTP_CONNECT_TIMEOUT=10
 .
 Use a command EPSV with explicit request for IPv6 address family as soon
 as parsing concluded that the control socket is using IPv6.
 .
 Make IP_TOS conditioned on AF_INET for non-Linux, i.e., GNU/kfreebsd, GNU/Hurd.