Synopsis: parsing of /etc/ftpchroot broken in NetBSD 1.4.2
NetBSD versions: NetBSD 1.4.2 only
Thanks to: Paul J. Lavoie, Luke Mewburn
Reported in NetBSD Security Advisory: SA2000-006

Index: libexec/ftpd/ftpd.c
===================================================================
RCS file: /cvsroot/basesrc/libexec/ftpd/ftpd.c,v
retrieving revision 1.61.2.1
retrieving revision 1.61.2.2
diff -u -c -r1.61.2.1 -r1.61.2.2
*** ftpd.c      1999/10/01 12:08:06     1.61.2.1
--- ftpd.c      2000/05/11 10:14:37     1.61.2.2
***************
*** 489,496 ****
               if (glob == NULL || glob[0] == '#')
                       continue;
               perm = strtok(NULL, " \t\n");
-               if (perm == NULL)
-                       continue;
               if (fnmatch(glob, name, 0) == 0)  {
                       if (perm != NULL &&
                           ((strcasecmp(perm, "allow") == 0) ||
--- 489,494 ----

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.