Skip to content

Commit

Permalink
FTP: Fix buffer overflow in PORT parser, reported by Aaron Esau
Browse files Browse the repository at this point in the history 
Signed-off-by: Joachim Nilsson <troglobit@gmail.com>
  • Loading branch information
@troglobit
troglobit committed Aug 31, 2019
1 parent e822486 commit 0fb2c03
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/ftpcmd.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -441,7 +441,7 @@ static void handle_PORT(ctrl_t *ctrl, char *str)

/* Convert PORT command's argument to IP address + port */
sscanf(str, "%d,%d,%d,%d,%d,%d", &a, &b, &c, &d, &e, &f);
sprintf(addr, "%d.%d.%d.%d", a, b, c, d);
snprintf(addr, sizeof(addr), "%d.%d.%d.%d", a, b, c, d);

/* Check IPv4 address using inet_aton(), throw away converted result */
if (!inet_aton(addr, &(sin.sin_addr))) {
Expand Down

2 comments on commit 0fb2c03

@abergmann
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CVE-2020-20276 was assigned to this issue.

@troglobit
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@abergmann Hmm, another one? I thought CVE-2020-5204 was the official CVE ... beginning to think I don't understand how this works.

Please # to comment.