1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
Description: Broken detection of SSL errors.
During read of binary data, with active encryption, the detection
of failed calls with SSL_read() is incomplete. In addition, the
external variable 'errno' needs manual setting to EIO for proper
reporting.
.
Important problem analysis of code was contributed by Raphael Astier.
The issue was identified while investigating report #801948.
Author: Mats Erik Andersson <debian@gisladisker.se>
Forwarded: no
Last-Update: 2015-11-24
--- a/ftp/ftp.c
+++ b/ftp/ftp.c
@@ -1219,7 +1219,7 @@
hashbytes += 10 * hashstep;
}
}
- if ( c < -1 ) {
+ if ( c < 0 ) {
static char errbuf[1024];
sprintf(errbuf,"ftp: SSL_read DATA error %s\n",
@@ -1228,6 +1228,9 @@
/* tell the user ... who else */
fprintf(stderr,"%s", errbuf);
fflush(stderr);
+
+ /* Make reports express something sensible. */
+ errno = EIO;
}
} else
#endif /* !USE_SSL */
|
